CVE-2005-1448
Published May 3, 2005
Last updated 16 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "925A50B9-0CEF-42FF-8359-52BAFB4FEBB5"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C739BCD2-1722-42E0-9560-752DBBF05BC1"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.7_beta1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62C28957-2724-406D-BAD4-DDCDE8CFA843"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.7_beta2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FE669F3-75FA-4237-8424-109FE52F59ED"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.7_beta3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18814B9C-FE3E-4BB4-99E5-E3A88666B0F7"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.7_beta4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E80A9CDA-C3E2-474F-8E43-440C72B0E8E7"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.7_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15CFA451-FFD4-452D-A744-5FDA80379BF4"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.8_beta5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F29716C7-2882-4B69-A4F8-BDBF0FB9CF88"
},
{
"criteria": "cpe:2.3:a:s9y:serendipity:0.8_beta6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A455F8B9-8A31-4BF1-895B-5D4579BE9C56"
}
],
"operator": "OR"
}
]
}
]