Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2005-4574

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.

PublishedDec 29, 2005, 11:03

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html
http://secunia.com/advisories/18257
http://www.osvdb.org/21931
http://www.securityfocus.com/bid/16071
https://exchange.xforce.ibmcloud.com/vulnerabilities/23864

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

4.3

Vector String

AV:N/AC:M/Au:N/C:N/I:P/A:N

Base SeverityUnknown

Version

2.0

Attack Vector (AV)