| ID |
CVE-2004-1589
|
| Summary |
Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the (1) Category parameter to Forum.asp or (2) MainMessageID parameter to ReplyToQuestion.asp. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 4.3 (as of 11-07-2017 - 01:31) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
| refmap
via4
|
| bid | 11361 | | bugtraq | 20041011 [MAxpatrol Security Advisory] Multiple vulnerabilities in GoSmart Message Board | | secunia | 12790 | | xf | gosmart-forum-mainmessageid-xss(17679) |
|
| Last major update |
11-07-2017 - 01:31 |
| Published |
31-12-2004 - 05:00 |
| Last modified |
11-07-2017 - 01:31 |
