CVE-2005-4665

Published: Dec 31, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via Javascript contained in nested, malformed BBcode url tags.

Affected (20)

Products: Punbb: Punbb

1 product

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Punbb Punbb	Version 1.0.1
Punbb Punbb	Version 1.0
Punbb Punbb	Version 1.0_alpha
Punbb Punbb	Version 1.0_beta1
Punbb Punbb	Version 1.0_beta2
Punbb Punbb	Version 1.0_beta3
Punbb Punbb	Version 1.0_rc1
Punbb Punbb	Version 1.0_rc2
Punbb Punbb	Version 1.1.1
Punbb Punbb	Version 1.1.2
Punbb Punbb	Version 1.1.3
Punbb Punbb	Version 1.1.4
Punbb Punbb	Version 1.1.5
Punbb Punbb	Version 1.1
Punbb Punbb	Version 1.2.1
Punbb Punbb	Version 1.2.2
Punbb Punbb	Version 1.2.3
Punbb Punbb	Version 1.2.4
Punbb Punbb	Version 1.2.5
Punbb Punbb	Version 1.2.6

References (18)

http://punbb.org/changelogs/1.2.6_to_1.2.7.txt

Source: cve@mitre.org

http://secunia.com/advisories/16775

Source: cve@mitre.org

http://www.osvdb.org/19382

Source: cve@mitre.org

http://www.punbb.org/changelogs/1.2.6_to_1.2.7.txt

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/422088/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/422267/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/14808

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2005/1708

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/22234

Source: cve@mitre.org

http://punbb.org/changelogs/1.2.6_to_1.2.7.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/16775

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/19382

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.punbb.org/changelogs/1.2.6_to_1.2.7.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/422088/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/422267/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/14808

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.vupen.com/english/advisories/2005/1708

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/22234

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.