Vulnerability Description
Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Walla Telesite | Walla Telesite | <= 3.0 |
References
- http://secunia.com/advisories/17547Vendor Advisory
- http://securitytracker.com/id?1015204Exploit
- http://www.securityfocus.com/archive/1/416581/30/0/threaded
- http://www.securityfocus.com/bid/15419Exploit
- http://secunia.com/advisories/17547Vendor Advisory
- http://securitytracker.com/id?1015204Exploit
- http://www.securityfocus.com/archive/1/416581/30/0/threaded
- http://www.securityfocus.com/bid/15419Exploit
FAQ
What is CVE-2005-3577?
CVE-2005-3577 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter.
How severe is CVE-2005-3577?
CVE-2005-3577 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3577?
Check the references section above for vendor advisories and patch information. Affected products include: Walla Telesite Walla Telesite.