Vulnerabilities > CVE-2005-1186 - Cross-Site Scripting vulnerability in Jukebox
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
musicmatch
Summary
Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting (XSS) attacks.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |