CVE-2004-1318 Common Vulnerabilities and Exposures

Upstream information

CVE-2004-1318 at MITRE

Description

Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	4.3
Vector	AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Vector	Network
Access Complexity	Medium
Authentication	None
Confidentiality Impact	None
Integrity Impact	Partial
Availability Impact	None

SUSE Bugzilla entries: 373529 [RESOLVED / FIXED], 64304 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SR:2005:001, published Wednesday, Jan 12th 2004 18:00 MEST

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 01:07:36 2013
CVE page last modified: Fri Dec 8 16:11:01 2023