Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2651

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-2651
Last Modified 05 Sep 2008 04:44:44
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2651

Summary

Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the (1) urlmaskfilter parameter to index.html or the (2) page parameter to Wiki.html.

Vulnerable Systems

Application

  • Michael Christen Yacy 0.1 Build2004-01-19

  • Michael Christen Yacy 0.11 Build2004-01-24

  • Michael Christen Yacy 0.12 Build2004-02-04

  • Michael Christen Yacy 0.13 Build2004-02-10

  • Michael Christen Yacy 0.14 Build2004-02-13

  • Michael Christen Yacy 0.15 Build2004-03-18

  • Michael Christen Yacy 0.16 Build2004-05-03

  • Michael Christen Yacy 0.20 Build2004-06-14

  • Michael Christen Yacy 0.21 Build2004-06-27

  • Michael Christen Yacy 0.22 Build2004-07-11

  • Michael Christen Yacy 0.23 Build2004-08-08

  • Michael Christen Yacy 0.24 Build2004-08-16

  • Michael Christen Yacy 0.25 Build2004-08-22

  • Michael Christen Yacy 0.26 Build2004-09-16

  • Michael Christen Yacy 0.27 Build2004-09-24

  • Michael Christen Yacy 0.28 Build2004-10-01

  • Michael Christen Yacy 0.29 Build2004-10-22

  • Michael Christen Yacy 0.30 Build2004-11-25

  • Michael Christen Yacy 0.31 Build2004-12-09

  • Michael Christen Yacy Build2003-12-15

  • Michael Christen Yacy Build2003-12-18

  • Michael Christen Yacy Build2003-12-29

  • Michael Christen Yacy Build2004-01-05

  • Michael Christen Yacy Build2004-01-07

  • Michael Christen Yacy Build2004-01-10


References

XF - yacy-wiki-xss(18690)

XF - yacy-index-xss(18688)

OSVDB - 12630

SECTRACK - 1012686

CONFIRM - http://www.yacy.net/yacy/News.html

BID - 12104

OSVDB - 12629

BUGTRAQ - 20041224 XSS in yacy 0.31


Last Updated: 27 May 2016 10:39:34