Vulnerabilities > CVE-2005-4476 - Cross-Site Scripting vulnerability in OpenEdit Results.HTML

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
openedit-inc
exploit available
NVD
Published: 2005-12-22
Updated: 2013-09-12

Summary

Cross-site scripting (XSS) vulnerability in store/search/results.html in OpenEdit 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) oe-action and (2) page parameters.

Vulnerable Configurations

Part Description Count
Application
Openedit_Inc
1

Exploit-Db

descriptionOpenEdit 4.0 Results.HTML Cross-Site Scripting Vulnerability. CVE-2005-4476. Webapps exploit for jsp platform
idEDB-ID:26924
last seen2016-02-03
modified2005-12-21
published2005-12-21
reporterr0t3d3Vil
sourcehttps://www.exploit-db.com/download/26924/
titleOpenEdit 4.0 Results.HTML Cross-Site Scripting Vulnerability

References