CVE-2005-4644

medium

Description

Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24183

http://www.vupen.com/english/advisories/2006/0226

http://www.securityfocus.com/bid/16198

http://www.debian.org/security/2006/dsa-951

http://trac.edgewall.org/ticket/2473

http://secunia.com/advisories/18555

http://secunia.com/advisories/18465

Details

Source: Mitre, NVD

Published: 2005-12-31

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

CVSS v4

Base Score: 5.3

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Severity: Medium

EPSS

EPSS: 0.00658

Detections

Analytics

CVE-2005-4644

medium

Description

References

Details

Risk Information

CVSS v2

CVSS v3

CVSS v4

EPSS