Vulnerabilities > CVE-2005-4294 - Cross-Site Scripting vulnerability in Alkacon OpenCMS Login
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
alkacon
Summary
Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the username in the login page.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0640.html
- http://secunia.com/advisories/18046
- http://securitytracker.com/id?1015365
- http://www.opencms.org/opencms/en/download/opencms.html
- http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=1910
- http://www.securityfocus.com/bid/15882
- http://www.vupen.com/english/advisories/2005/2923