Vulnerability Description
Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources Management System (HRMS) 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTML via unspecified (1) debugging or (2) utility scripts.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Peoplesoft | Hrms | 7.0 |
References
- http://secunia.com/advisories/12674/Vendor Advisory
- http://www.auscert.org.au/render.html?it=4419Vendor Advisory
- http://www.securityfocus.com/bid/11275
- http://www.securitytracker.com/alerts/2004/Sep/1011433.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17543
- http://secunia.com/advisories/12674/Vendor Advisory
- http://www.auscert.org.au/render.html?it=4419Vendor Advisory
- http://www.securityfocus.com/bid/11275
- http://www.securitytracker.com/alerts/2004/Sep/1011433.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17543
FAQ
What is CVE-2004-2435?
CVE-2004-2435 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources Management System (HRMS) 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTM...
How severe is CVE-2004-2435?
CVE-2004-2435 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2435?
Check the references section above for vendor advisories and patch information. Affected products include: Peoplesoft Hrms.