Lucene search

[email protected]NVD:CVE-2004-2624

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2624

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.005

Percentile

75.9%

JSON

Cross-site scripting (XSS) vulnerability in “TextSearch” in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the “phrase” parameter.

Affected configurations

Nvd

Node

wackowikiwackowikiMatchr3

wackowikiwackowikiMatchr3.5

VendorProductVersionCPE
wackowikiwackowikir3cpe:2.3:a:wackowiki:wackowiki:r3:*:*:*:*:*:*:*
wackowikiwackowikir3.5cpe:2.3:a:wackowiki:wackowiki:r3.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wackowiki	wackowiki	r3	cpe:2.3:a:wackowiki:wackowiki:r3:::::::*
wackowiki	wackowiki	r3.5	cpe:2.3:a:wackowiki:wackowiki:r3.5:::::::*

References

secunia.com/advisories/12209

wackowiki.com/WackoDownload/VersionHistory?v=yrv

www.osvdb.org/8295

www.securityfocus.com/bid/10860

exchange.xforce.ibmcloud.com/vulnerabilities/16878

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.005

Percentile

75.9%

JSON

Related for NVD:CVE-2004-2624

cvelist1 nessus1 openvas1 cve1