CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-4413

Multiple cross-site scripting (XSS) vulnerabilities in sample scripts in IBM WebSphere Application Server 6 allow remote attackers to inject arbitrary web script or HTML via the (1) E-mail address field to (a) PlantsByWebSphere/login.jsp, (2) message field to (b) TechnologySample/BulletinBoard Script, (3) Email address field to (c) TechnologySamples/Subscription, and the (4) Movie Name, (5) Movie Reviewer, and (6) Movie Review fields to (d) TechnologySamples/MovieReview2_1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.0%

CVSS Severity

CVSS v2 Score 4.3

References

http://securitytracker.com/id?1015360
http://www.ipomonis.com/advisories/ibm_css.txt
http://www.securityfocus.com/bid/15929
http://securitytracker.com/id?1015360
http://www.ipomonis.com/advisories/ibm_css.txt
http://www.securityfocus.com/bid/15929

Products affected by CVE-2005-4413

Ibm » Websphere Application Server » Version: 6.0

cpe:2.3:a:ibm:websphere_application_server:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-4413

Products

Pricing

Contact Us