CVE-2004-2072 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-2072

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter.

Affected Software

Name	Vendor	Start Version	End Version
Mambo_open_source	Mambo	4.6 (including)	4.6 (including)

References

http://www.securityfocus.com/bid/9588
http://www.systemsecure.org/advisories/ssadvisory06022004.php
https://exchange.xforce.ibmcloud.com/vulnerabilities/15062
http://www.securityfocus.com/bid/9588
http://www.systemsecure.org/advisories/ssadvisory06022004.php
https://exchange.xforce.ibmcloud.com/vulnerabilities/15062