Vulnerability Details CVE-2004-1410
Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://marc.info/?l=bugtraq&m=110330741828726&w=2
- http://secunia.com/advisories/13450
- http://www.osvdb.org/12524
- http://www.securityfocus.com/bid/11998
- http://marc.info/?l=bugtraq&m=110330741828726&w=2
- http://secunia.com/advisories/13450
- http://www.osvdb.org/12524
- http://www.securityfocus.com/bid/11998
Products affected by CVE-2004-1410
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build149
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build150
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build151
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build152
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build153
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build154
-
cpe:2.3:a:gadu-gadu:gadu-gadu_instant_messenger:6.0_build155