CVE-2005-2460

2006-06-0620:03:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Kayako liveResponse 2.x allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter or (2) name field when entering a session or sending a message.

References

marc.info/?l=bugtraq&m=112274359718863&w=2

secunia.com/advisories/16286

www.gulftech.org/?node=research&article_id=00092-07302005

www.osvdb.org/18395

www.osvdb.org/18397

www.securityfocus.com/bid/14425