CVE-2005-3967

Cross-site scripting (XSS) vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote attackers to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter.

Published: Dec 3, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-3967
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
atlassian / confluence	2.0.1_build_321	2.0.1_build_321.x

http://pridels0.blogspot.com/2005/12/confluence-enterprise-wiki-xss-vuln.html
http://secunia.com/advisories/17833
http://www.osvdb.org/21377
http://www.securityfocus.com/bid/15688
http://www.vupen.com/english/advisories/2005/2691

Vulnerability Database

290,020

CVE-2005-3967