Vulnerability Description
Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to (1) help.php or (2) footer.php.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Flatnuke | Flatnuke | 2.5.3 |
References
- http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
- http://secunia.com/advisories/15603Patch
- http://securitytracker.com/id?1014114Patch
- http://secwatch.org/advisories/secwatch/20050604_flatnuke.txtVendor Advisory
- http://www.vupen.com/english/advisories/2005/0697
- http://flatnuke.sourceforge.net/index.php?mod=read&id=1117979256
- http://secunia.com/advisories/15603Patch
- http://securitytracker.com/id?1014114Patch
- http://secwatch.org/advisories/secwatch/20050604_flatnuke.txtVendor Advisory
- http://www.vupen.com/english/advisories/2005/0697
FAQ
What is CVE-2005-1895?
CVE-2005-1895 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to (1) help.php or (2) footer.php.
How severe is CVE-2005-1895?
CVE-2005-1895 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1895?
Check the references section above for vendor advisories and patch information. Affected products include: Flatnuke Flatnuke.