admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2005/CVE-2005-37xx/CVE-2005-3745.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

198 lines
5.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2005-3745",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-11-22T11:03:00.000",
"lastModified": "2024-11-21T00:02:34.787",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Apache Struts 1.2.7, y posiblemente otras versiones, permite a atacantes remotos inyectar 'script' web o HTML de su elecci\u00f3n mediante la cadena de consulta, que no es entrecomillada o filtrada adecuadamente cuando el manejador de peticiones genera un mensaje de error."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"baseScore": 4.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC81E1A-2779-4FAF-866C-970752CD1828"
}
]
}
]
}
],
"references": [
{
"url": "http://secunia.com/advisories/17677",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/18341",
"source": "cve@mitre.org"
},
{
"url": "http://securityreason.com/securityalert/197",
"source": "cve@mitre.org"
},
{
"url": "http://securitytracker.com/id?1015257",
"source": "cve@mitre.org"
},
{
"url": "http://www.hacktics.com/AdvStrutsNov05.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/21021",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2006-0157.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2006-0161.html",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/417296/30/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/15512",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2005/2525",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/r02c2d634fa74209d941c90f9a4cd36a6f12366ca65f9b90446ff2de3%40%3Cissues.struts.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "https://lists.apache.org/thread.html/rf482c101a88445d73cc2e89dbf7f16ae00a4aa79a544a1e72b2326db%40%3Cissues.struts.apache.org%3E",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/17677",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/18341",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://securityreason.com/securityalert/197",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://securitytracker.com/id?1015257",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.hacktics.com/AdvStrutsNov05.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/21021",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2006-0157.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2006-0161.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/archive/1/417296/30/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/15512",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2005/2525",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.apache.org/thread.html/r02c2d634fa74209d941c90f9a4cd36a6f12366ca65f9b90446ff2de3%40%3Cissues.struts.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.apache.org/thread.html/rf482c101a88445d73cc2e89dbf7f16ae00a4aa79a544a1e72b2326db%40%3Cissues.struts.apache.org%3E",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink