Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1448

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2005-1448
Last Modified 05 Sep 2008 04:49:10
Published 03 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-1448

Summary

Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Vulnerable Systems

Application

  • S9y Serendipity 0.7

  • S9y Serendipity 0.7 Beta1

  • S9y Serendipity 0.7 Beta2

  • S9y Serendipity 0.7 Beta3

  • S9y Serendipity 0.7 Beta4

  • S9y Serendipity 0.7 Rc1

  • S9y Serendipity 0.7.1

  • S9y Serendipity 0.8 Beta5

  • S9y Serendipity 0.8 Beta6


References

BID - 13411

CONFIRM - http://www.s9y.org/63.html#A9

OSVDB - 15876

SECUNIA - 15145


Last Updated: 27 May 2016 10:40:10