Vulnerability Details CVE-2004-2128
Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.1%
CVSS Severity
CVSS v2 Score 6.8
References
- http://marc.info/?l=bugtraq&m=107531020924977&w=2
- http://secunia.com/advisories/10741
- http://www.brswebweaver.com/modules.php?op=modload&name=News&file=article&sid=1
- http://www.osvdb.org/3741
- http://www.securityfocus.com/bid/9516
- http://www.securitytracker.com/id?1008880
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14977
- http://marc.info/?l=bugtraq&m=107531020924977&w=2
- http://secunia.com/advisories/10741
- http://www.brswebweaver.com/modules.php?op=modload&name=News&file=article&sid=1
- http://www.osvdb.org/3741
- http://www.securityfocus.com/bid/9516
- http://www.securitytracker.com/id?1008880
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14977