CVE-2004-0787 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-0787

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields.

Affected Software

Name	Vendor	Start Version	End Version
Openca	Openca	0.8.0	0.8.0
Openca	Openca	0.9.1	0.9.1
Openca	Openca	0.9.1.2	0.9.1.2
Openca	Openca	0.9.1.3	0.9.1.3
Openca	Openca	0.9.1.8	0.9.1.8
Openca	Openca	0.9.1.4	0.9.1.4
Openca	Openca	0.9.0.1	0.9.0.1
Openca	Openca	0.9.1.6	0.9.1.6
Openca	Openca	0.8.1	0.8.1
Openca	Openca	0.9.1.5	0.9.1.5
Openca	Openca	0.9.0	0.9.0
Openca	Openca	0.9.2_rc6	0.9.2_rc6
Openca	Openca	0.9.0.2	0.9.0.2
Openca	Openca	0.8.6	0.8.6
Openca	Openca	0.9.1.7	0.9.1.7

References

http://www.openca.org/news/CAN-2004-0787.txt
http://www.securityfocus.com/bid/11113
http://marc.info/?l=bugtraq\u0026m=109448767123954\u0026w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/17274