Vulnerability Details : CVE-2004-1837
Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2004-1837
- cpe:2.3:a:joel_palmius:mod_survey:3.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.15_pre1:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.15_pre2:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.14d:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.15_pre5:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.15_pre6:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.2.0_pre1:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.2.0_pre2:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.15_pre3:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.15_pre4:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.14e:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.16_pre1:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:joel_palmius:mod_survey:3.2.0_pre3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-1837
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-1837
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
References for CVE-2004-1837
Jump to