Vulnerability Details CVE-2005-3073
Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) "mike", (2) "standard", or (3) "foundation" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/16923
- http://www.icdevgroup.org/pipermail/interchange-announce/2005/000049.html
- http://www.icdevgroup.org/pipermail/interchange-announce/2005/000050.html
- http://www.osvdb.org/19653
- http://www.securityfocus.com/bid/14931
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22387
- http://secunia.com/advisories/16923
- http://www.icdevgroup.org/pipermail/interchange-announce/2005/000049.html
- http://www.icdevgroup.org/pipermail/interchange-announce/2005/000050.html
- http://www.osvdb.org/19653
- http://www.securityfocus.com/bid/14931
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22387
Products affected by CVE-2005-3073
-
cpe:2.3:a:interchange_development_group:interchange:4.9.3
-
cpe:2.3:a:interchange_development_group:interchange:5.0
-
cpe:2.3:a:interchange_development_group:interchange:5.2