CVE-2004-1735 : Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.

Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.

Published 2004-08-21 04:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Products affected by CVE-2004-1735

Sympa » Sympa » Version: 4.1
cpe:2.3:a:sympa:sympa:4.1:*:*:*:*:*:*:*
Matching versions
Sympa » Sympa » Version: 4.1.1
cpe:2.3:a:sympa:sympa:4.1.1:*:*:*:*:*:*:*
Matching versions
Sympa » Sympa » Version: 4.1.2
cpe:2.3:a:sympa:sympa:4.1.2:*:*:*:*:*:*:*
Matching versions
Sympa » Sympa » Version: 4.0
cpe:2.3:a:sympa:sympa:4.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2004-1735

EPSS FAQ

3.93%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 87 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2004-1735

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2004-1735

http://www.securityfocus.com/bid/10992

Exploit;Vendor Advisory
http://secunia.com/advisories/12339

About Secunia Research | Flexera
Vendor Advisory
http://marc.info/?l=bugtraq&m=109312475207604&w=2

'Cross Site Scripting Vulnerability in Sympa' - MARC
https://exchange.xforce.ibmcloud.com/vulnerabilities/17057

Sympa description field cross-site scripting CVE-2004-1735 Vulnerability Report

Jump to

Vulnerability Details : CVE-2004-1735

Products affected by CVE-2004-1735

Exploit prediction scoring system (EPSS) score for CVE-2004-1735

CVSS scores for CVE-2004-1735

References for CVE-2004-1735