Vulnerabilities > CVE-2005-2186 - Cross-Site Scripting vulnerability in IntruShield Security Management System

CVSS 1.9 - LOW

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

mcafee

NVD

Published: 2005-07-11

Updated: 2016-10-18

Summary

Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName or (2) resourceName parameter to SystemEvent.jsp.

Vulnerable Configurations

Part	Description	Count
Hardware	Mcafee Mcafee Intrushield Security Management System *	1

References

http://marc.info/?l=bugtraq&m=112066594312876&w=2
http://marc.info/?l=bugtraq&m=112076813804503&w=2
http://secunia.com/advisories/15961
http://securitytracker.com/id?1014422