Vulnerability Details CVE-2005-3014
Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://membres.lycos.fr/newnst/exploit/Ensim_Autentification_XSS_By_ConcorDHacK.html
- http://www.securityfocus.com/bid/14836
- http://www.zataz.com/forum/viewtopic.php?id=113
- http://membres.lycos.fr/newnst/exploit/Ensim_Autentification_XSS_By_ConcorDHacK.html
- http://www.securityfocus.com/bid/14836
- http://www.zataz.com/forum/viewtopic.php?id=113
Products affected by CVE-2005-3014
-
cpe:2.3:a:ensim:webppliance:3.0
-
cpe:2.3:a:ensim:webppliance:3.1
-
cpe:2.3:a:ensim:webppliance:3.1.1