CVE-2005-4492 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-4492

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay_highlight_words parameter.

Affected Software

Name	Vendor	Start Version	End Version
Sitesage	Starphire_technologies	5.0.18 (including)	5.0.18 (including)
Sitesage-ee	Starphire_technologies	*	*
Sitesage-le	Starphire_technologies	*	*
Sitesage-sb	Starphire_technologies	*	*
Sitesage-se	Starphire_technologies	*	*

References

http://pridels0.blogspot.com/2005/12/sitesage-xss-vuln.html
http://secunia.com/advisories/18214
http://www.osvdb.org/21861
http://www.securityfocus.com/bid/16017
http://www.vupen.com/english/advisories/2005/3051
http://pridels0.blogspot.com/2005/12/sitesage-xss-vuln.html
http://secunia.com/advisories/18214
http://www.osvdb.org/21861
http://www.securityfocus.com/bid/16017
http://www.vupen.com/english/advisories/2005/3051