CVE-2005-3742

Properties

Published:
21.11.2005
Updated:
23.11.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N)
    Product:
    Advanced Poll: Advanced Poll
    Advanced Poll: Advanced Poll

    Vulnerability description

    Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the poll_ident parameter.

    References:

    BID: http://www.securityfocus.com/bid/15506
    FRSIRT: http://www.frsirt.com/english/advisories/2005/2524
    SECTRACK: http://securitytracker.com/id?1015245
    SECUNIA: http://secunia.com/advisories/17669
    OSVDB: http://www.osvdb.org/21006