CVE-2005-4574

Published: Dec 29, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.

Affected (5)

Products: Paperthin: Commonspot Content Server

1 product

Commonspot Content Server

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Paperthin Commonspot Content Server	Up to 4.5
Paperthin Commonspot Content Server	Version 2.5
Paperthin Commonspot Content Server	Version 3.0
Paperthin Commonspot Content Server	Version 3.2
Paperthin Commonspot Content Server	Version 4.0

References (10)

http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html

Source: cve@mitre.org

http://secunia.com/advisories/18257

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/21931

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/16071

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/23864

Source: cve@mitre.org

http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/18257

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/21931

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/16071

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/23864

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.