Vulnerabilities > CVE-2005-4420 - Input Validation vulnerability in Quicksquare Development Honeycomb Archive Enterprise 3.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

quicksquare-development

NVD

Published: 2005-12-20

Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in Honeycomb Archive Enterprise 3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keyword parameter in search.cfm.

Vulnerable Configurations

Part	Description	Count
Application	Quicksquare_Development Quicksquare Development Honeycomb Archive Enterprise 3.0	1

References

http://pridels0.blogspot.com/2005/12/honeycomb-archive-honeycomb-archive.html
http://secunia.com/advisories/18127
http://www.osvdb.org/21828
http://www.securityfocus.com/bid/15995
https://exchange.xforce.ibmcloud.com/vulnerabilities/23831