1. CVE-Search
  2. CVE-2005-3412
ID CVE-2005-3412
Summary Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows remote attackers to inject arbitrary web script or HTML via a Post Reply to a topic, in which the reply contains a javascript: URL in an <img> tag.
References
Vulnerable Configurations
  • cpe:2.3:a:elite_forum:elite_forum:1.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:elite_forum:elite_forum:1.0.0.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 19-10-2018 - 15:36)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 15257
bugtraq 20051101 HYSA-2005-009 Elite Forum 1.0.0.0 XSS Vulnerability
fulldisc 20051101 HYSA-2005-009 Elite Forum 1.0.0.0 XSS
misc http://www.h4cky0u.org/advisories/HYSA-2005-009-elite-forum.txt
secunia 17341
sreason 136
vupen ADV-2005-2260
Last major update 19-10-2018 - 15:36
Published 01-11-2005 - 20:03
Last modified 19-10-2018 - 15:36
Back to Top