CVE Vulnerabilities

CVE-2005-1695

Published: May 24, 2005 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) magpie_simple.php or (3) magpie_debug.php.

Affected Software

Name Vendor Start Version End Version
Postnuke Postnuke_software_foundation 0.760_rc3 0.760_rc3
Postnuke Postnuke_software_foundation 0.760_rc2 0.760_rc2
Postnuke Postnuke_software_foundation 0.750 0.750

References