CVE-2004-1410
published 2004-12-31CVE-2004-1410: Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.70%
74.4th percentile
Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gadu-gadu | gadu-gadu_instant_messenger | — | — |
| gadu-gadu | gadu-gadu_instant_messenger | — | — |
| gadu-gadu | gadu-gadu_instant_messenger | — | — |
| gadu-gadu | gadu-gadu_instant_messenger | — | — |
| gadu-gadu | gadu-gadu_instant_messenger | — | — |
| gadu-gadu | gadu-gadu_instant_messenger | — | — |
| gadu-gadu | gadu-gadu_instant_messenger | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-39q5-jpv6-m4vh: Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) n
ghsa_unreviewed·2022-04-29·CVSS 4.3
CVE-2004-1229 [MEDIUM] GHSA-39q5-jpv6-m4vh: Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) n
Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2004-1410.
GHSA
GHSA-9mhp-hg5f-qp8m: Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is
ghsa_unreviewed·2022-04-29·CVSS 7.5
CVE-2004-1410 [HIGH] GHSA-9mhp-hg5f-qp8m: Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is
Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229.
No detection rules found.
No writeups or analysis indexed.
2004-12-31
Published