CVE-2005-1695
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/05/2005
Last modified:
18/10/2016
Description
Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) magpie_simple.php or (3) magpie_debug.php.
Impact
Base Score 2.0
2.60
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:postnuke_software_foundation:postnuke:0.750:*:*:*:*:*:*:* | ||
cpe:2.3:a:postnuke_software_foundation:postnuke:0.760_rc2:*:*:*:*:*:*:* | ||
cpe:2.3:a:postnuke_software_foundation:postnuke:0.760_rc3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page