Vulnerabilities > CVE-2005-2063 - Cross-Site Scripting vulnerability in Active web Softwares Activebuyandsell 6.2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to sendpassword.asp or (2) Keyword field in search.asp.

Vulnerable Configurations

Part Description Count
Application
Active_Web_Softwares
1