CVE-2004-1735

Published: Aug 21, 2004Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.

Affected (4)

Products: Sympa: Sympa

Sympa

1 product

Sympa

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Sympa Sympa	Version 4.0
Sympa Sympa	Version 4.1.1
Sympa Sympa	Version 4.1.2
Sympa Sympa	Version 4.1

References (8)

http://marc.info/?l=bugtraq&m=109312475207604&w=2

Source: cve@mitre.org

http://secunia.com/advisories/12339

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/10992

Source: cve@mitre.org

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/17057

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109312475207604&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/12339

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/10992

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/17057

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.