Vulnerability Details CVE-2005-0407
Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.6%
CVSS Severity
CVSS v2 Score 4.3
References
- http://seclists.org/lists/fulldisclosure/2005/Feb/0347.html
- http://secunia.com/advisories/14294
- http://www.redteam-pentesting.de/advisories/rt-sa-2005-007.txt
- http://www.securityfocus.com/bid/12554
- http://seclists.org/lists/fulldisclosure/2005/Feb/0347.html
- http://secunia.com/advisories/14294
- http://www.redteam-pentesting.de/advisories/rt-sa-2005-007.txt
- http://www.securityfocus.com/bid/12554
Products affected by CVE-2005-0407
-
cpe:2.3:a:zakon_group:openconf:1.0
-
cpe:2.3:a:zakon_group:openconf:1.01
-
cpe:2.3:a:zakon_group:openconf:1.02
-
cpe:2.3:a:zakon_group:openconf:1.03
-
cpe:2.3:a:zakon_group:openconf:1.04
-
cpe:2.3:a:zakon_group:openconf:1.0_beta1
-
cpe:2.3:a:zakon_group:openconf:1.0_beta2
-
cpe:2.3:a:zakon_group:openconf:1.0_rc1
-
cpe:2.3:a:zakon_group:openconf:1.0_rc2