ID |
CVE-2005-0784
|
Summary |
Multiple cross-site scripting (XSS) vulnerabilities in Phorum before 5.0.15 allow remote attackers to inject arbitrary web script or HTML via (1) the subject line to follow.php or (2) the subject line in the user's personal control panel. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.3 (as of 18-10-2016 - 03:14) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
refmap
via4
|
bid | 12800 | bugtraq | 20050313 3 XSS Vulnerabilities in Phorum <= 5.0.14 | secunia | 14554 |
|
Last major update |
18-10-2016 - 03:14 |
Published |
02-05-2005 - 04:00 |
Last modified |
18-10-2016 - 03:14 |