CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
56.9%
The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable.
Vendor | Product | Version | CPE |
---|---|---|---|
53kf | web_im_2009 | _nil_ | cpe:2.3:a:53kf:web_im_2009:_nil_:enterprise:*:*:*:*:*:* |
53kf | web_im_2009 | _nil_ | cpe:2.3:a:53kf:web_im_2009:_nil_:home:*:*:*:*:*:* |
53kf | web_im_2009 | _nil_ | cpe:2.3:a:53kf:web_im_2009:_nil_:professional:*:*:*:*:*:* |