CVE-2004-0787

Published Oct 20, 2004

Last updated 7 years ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openca:openca:0.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2091E6F-DCEF-4A0B-B9D5-8C68462FF198"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "583D6CE9-76CA-4469-A608-60FB5C20A099"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BC6D293-6140-435D-9AA9-1579CBD01FEF"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C28F5B50-380E-4569-B939-A18B28646E12"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB46AC2D-15B6-4C6E-B073-4DE2FEB4D42E"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE3B0051-6082-4B40-B3F2-268866E1784A"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A01AEDA-B58B-4823-883A-CA43281EDAD3"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63E8A9C3-DCD8-4B7A-97C6-85CFD808E9FA"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9919778A-F611-483F-AA1D-81154289EE14"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFF9CC49-10A9-4EC2-A4A0-74AE178A3EBB"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "923B7984-C4FE-4352-A769-64C20F78B865"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC9AD902-1E0D-4E63-BDA4-1AC0EF7D16B2"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EBFF2C6-5EB5-4E8D-A334-0ED0ABA6766B"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD0AE47F-2235-41B7-8164-66079B5E1BF9"
          },
          {
            "criteria": "cpe:2.3:a:openca:openca:0.9.2_rc6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B0F9412-163E-48E8-9E1B-3AE1E8C35D2B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References