ID CVE-2003-1194
Summary Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message. This was fixed in version 0.2.4.
References
Vulnerable Configurations
  • cpe:2.3:a:booby:booby:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:booby:booby:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:booby:booby:0.3:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 8932
confirm http://sourceforge.net/project/shownotes.php?release_id=193878
sectrack 1008056
secunia 10110
xf booby-error-message-xss(13557)
Last major update 11-07-2017 - 01:29
Published 30-10-2003 - 05:00
Back to Top