CVE-2004-1700 — MEDIUM (4.3)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Pinnacle Systems	Showcenter	1.51_build_121

References

http://secunia.com/advisories/12613ExploitPatchVendor Advisory
http://www.securityfocus.com/bid/11415
https://exchange.xforce.ibmcloud.com/vulnerabilities/17708
http://secunia.com/advisories/12613ExploitPatchVendor Advisory
http://www.securityfocus.com/bid/11415
https://exchange.xforce.ibmcloud.com/vulnerabilities/17708

FAQ

What is CVE-2004-1700?

CVE-2004-1700 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoe...

How severe is CVE-2004-1700?

CVE-2004-1700 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-1700?

Check the references section above for vendor advisories and patch information. Affected products include: Pinnacle Systems Showcenter.