Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter.
References
| Link | Resource |
|---|---|
| http://www.securityfocus.com/bid/12583 | Patch Third Party Advisory VDB Entry Vendor Advisory |
| http://marc.info/?l=bugtraq&m=110868948719773&w=2 | Exploit Mailing List Third Party Advisory |
| http://marc.info/?l=full-disclosure&m=110864983905770&w=2 | Exploit Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
02 Feb 2024, 16:42
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-79 | |
| First Time |
Guillaumegardey biborb
Guillaumegardey |
|
| References | (FULLDISC) http://marc.info/?l=full-disclosure&m=110864983905770&w=2 - Exploit, Mailing List, Third Party Advisory | |
| References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=110868948719773&w=2 - Exploit, Mailing List, Third Party Advisory | |
| References | (BID) http://www.securityfocus.com/bid/12583 - Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
| CPE | cpe:2.3:a:guillaumegardey:biborb:1.3.2:-:*:*:*:*:*:* cpe:2.3:a:guillaumegardey:biborb:1.3.2:rc:*:*:*:*:*:* |
Information
Published : 2005-05-02 04:00
Updated : 2024-02-02 16:42
NVD link : CVE-2005-0251
Mitre link : CVE-2005-0251
JSON object : View
Products Affected
guillaumegardey
- biborb
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')