{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-4196", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Scout Portal Toolkit (SPT) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the ss parameter in SPT--QuickSearch.php; (2) ParentId parameter in SPT--BrowseResources.php; (3) the ResourceId parameter in SPT--FullRecord.php; (4) ResourceOffset parameter in SPT--Home.php, (5) F_SearchString parameter in SPT--QuickSearch.php; (6) F_UserName and (7) F_Password parameters in SPT--UserLogin.php; (8) F_SearchCat1, (9) F_TextField1, (10) F_SearchCat2, (11) F_TextField2, (12) F_SearchCat3, (13) F_TextField3, (14) F_SearchCat4, (15) F_TextField4, (16) ResourceType, (17) Language, (18) Audience, (19) Format parameters in SPT--AdvancedSearch.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "21635", "refsource": "OSVDB", "url": "http://www.osvdb.org/21635" }, { "name": "ADV-2005-2844", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/2844" }, { "name": "15818", "refsource": "BID", "url": "http://www.securityfocus.com/bid/15818" }, { "name": "21633", "refsource": "OSVDB", "url": "http://www.osvdb.org/21633" }, { "name": "17979", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17979" }, { "name": "21634", "refsource": "OSVDB", "url": "http://www.osvdb.org/21634" }, { "name": "http://www.x-illusion.com/rs/Scout%20Portal%20Toolkit.txt", "refsource": "MISC", "url": "http://www.x-illusion.com/rs/Scout%20Portal%20Toolkit.txt" }, { "name": "21632", "refsource": "OSVDB", "url": "http://www.osvdb.org/21632" }, { "name": "21636", "refsource": "OSVDB", "url": "http://www.osvdb.org/21636" }, { "name": "scoutportal-xss(23545)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23545" }, { "name": "21631", "refsource": "OSVDB", "url": "http://www.osvdb.org/21631" }, { "name": "21630", "refsource": "OSVDB", "url": "http://www.osvdb.org/21630" } ] } }