CVE-2005-3436

medium

Description

Cross-site scripting (XSS) vulnerability in Nuked-Klan 1.7 allows remote attackers to inject arbitrary web script or HTML via the (1) Search module, (2) certain edit fields in Guestbook, (3) the title in the Forum module, and (4) Textbox.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/22873

http://www.vupen.com/english/advisories/2005/2189

http://www.securityfocus.com/bid/15166

http://securityreason.com/securityalert/104

http://secunia.com/advisories/17304/

http://marc.info/?l=bugtraq&m=112991421210577&w=2

Details

Source: Mitre, NVD

Published: 2005-11-02

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00527