CVE-2005-4574
published 2005-12-29CVE-2005-4574: Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web…
PriorityP419medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.74%
74.9th percentile
Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paperthin | commonspot_content_server | <= 4.5 | — |
| paperthin | commonspot_content_server | — | — |
| paperthin | commonspot_content_server | — | — |
| paperthin | commonspot_content_server | — | — |
| paperthin | commonspot_content_server | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.htmlhttp://secunia.com/advisories/18257http://www.osvdb.org/21931http://www.securityfocus.com/bid/16071https://exchange.xforce.ibmcloud.com/vulnerabilities/23864http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.htmlhttp://secunia.com/advisories/18257http://www.osvdb.org/21931http://www.securityfocus.com/bid/16071https://exchange.xforce.ibmcloud.com/vulnerabilities/23864
2005-12-29
Published