| ID |
CVE-2004-1700
|
| Summary |
Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 4.3 (as of 11-07-2017 - 01:31) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
| refmap
via4
|
| bid | 11415 | | secunia | 12613 | | xf | pinnacle-showcenter-xss(17708) |
|
| Last major update |
11-07-2017 - 01:31 |
| Published |
14-10-2004 - 04:00 |
| Last modified |
11-07-2017 - 01:31 |
