Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mnogosearch | Mnogosearch | 3.1.19 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.htmlPatchVendor Advisory
- http://www.mikx.de/index.php?p=6PatchVendor Advisory
- http://www.mnogosearch.org/history.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11895PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18434
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.htmlPatchVendor Advisory
- http://www.mikx.de/index.php?p=6PatchVendor Advisory
- http://www.mnogosearch.org/history.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11895PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18434
FAQ
What is CVE-2004-1059?
CVE-2004-1059 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, ...
How severe is CVE-2004-1059?
CVE-2004-1059 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1059?
Check the references section above for vendor advisories and patch information. Affected products include: Mnogosearch Mnogosearch.