CVE-2005-0914

Medium

4.3/10

Summary

Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Mar 26, 2005

CVE-2005-0914

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS