CVE-2005-1695
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/05/2005
Last modified:
03/04/2025
Description
Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) magpie_simple.php or (3) magpie_debug.php.
Impact
Base Score 2.0
2.60
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:postnuke_software_foundation:postnuke:0.750:*:*:*:*:*:*:* | ||
| cpe:2.3:a:postnuke_software_foundation:postnuke:0.760_rc2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:postnuke_software_foundation:postnuke:0.760_rc3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://marc.info/?l=bugtraq&m=111670482500552&w=2
- http://marc.info/?l=bugtraq&m=111670506926649&w=2
- http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2691
- http://marc.info/?l=bugtraq&m=111670482500552&w=2
- http://marc.info/?l=bugtraq&m=111670506926649&w=2
- http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2691