CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1638

The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute values, which could allow remote attackers to exploit cross-site scripting (XSS) vulnerabilities in applications that rely on SafeHTML for protection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://pixel-apes.com/safehtml/feed
http://secunia.com/advisories/15371
http://www.osvdb.org/16612
http://pixel-apes.com/safehtml/feed
http://secunia.com/advisories/15371
http://www.osvdb.org/16612

Products affected by CVE-2005-1638

Pixel-Apes Group » Safehtml » Version: 1.1.0

cpe:2.3:a:pixel-apes_group:safehtml:1.1.0
Pixel-Apes Group » Safehtml » Version: 1.2.0

cpe:2.3:a:pixel-apes_group:safehtml:1.2.0
Pixel-Apes Group » Safehtml » Version: 1.2.1

cpe:2.3:a:pixel-apes_group:safehtml:1.2.1
Pixel-Apes Group » Safehtml » Version: 1.3.0

cpe:2.3:a:pixel-apes_group:safehtml:1.3.0
Pixel-Apes Group » Safehtml » Version: 1.3.1

cpe:2.3:a:pixel-apes_group:safehtml:1.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1638

Products

Pricing

Contact Us