Lucene search
HistoryMar 24, 2008 - 10:44 p.m.
CVE-2008-1470
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.006
Percentile
78.7%
Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118.
Affected configurations
Node
rsawebidMatch5.3
Related
prion
prion
Cross site scripting
2008-03-24 22:44:00
Cross site scripting
2008-04-30 14:10:00
cvelist
cvelist
cve
cve
nvd
nvd
CVE-2008-2026
2008-04-30 14:10:00
CVE-2005-1118
2005-04-14 04:00:00
exploitdb
exploitdb
RSA - SecurID Cross-Site Scripting
2010-02-11 00:00:00
RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting
2008-03-17 00:00:00
RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting
2005-04-15 00:00:00
seebug
seebug
RSA认证代理登录页面IISWebAgentIF.dll跨站脚本漏洞
2008-04-25 00:00:00
nessus
nessus
RSA Security RSA Authentication Agent For Web For IIS XSS
2005-05-09 00:00:00
openvas
openvas
RSA Security RSA Authentication Agent For Web XSS
2005-11-03 00:00:00
RSA Security RSA Authentication Agent For Web XSS
2005-11-03 00:00:00
cert
cert
RSA Authentication Agent for Web fails to properly validate input
2005-06-07 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.006
Percentile
78.7%
Related for NVD:CVE-2008-1470