CVE-2005-3973 in Drupalinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 allow remote attackers to inject arbitrary web script or HTML via various HTML tags and values, such as the (1) legend tag and the value parameter used in (2) label and (3) input tags, possibly due to an incomplete blacklist.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Reservation

12/03/2005

Disclosure

12/03/2005

Moderation

VulDB entry created

Entries

VDB-27252

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.00605

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-3973
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3973
CVE Details	https://www.cvedetails.com/cve/CVE-2005-3973/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!