PT-2005-1946 · Adventia · Adventia Server Pro+1

Published

2005-03-29

Updated

2017-07-11

CVE-2005-0919

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Adventia Chat version 3.1 Adventia Server Pro version 3.0

Description The issue allows remote attackers to inject arbitrary web script or HTML into the chat space. This leaves other users vulnerable to cross-site scripting (XSS) attacks, which can lead to unauthorized actions on behalf of the user.

Recommendations For Adventia Chat version 3.1, update to a version that fixes the cross-site scripting issue. For Adventia Server Pro version 3.0, update to a version that fixes the cross-site scripting issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0919

Affected Products

Adventia Chat

Adventia Server Pro

PT-2005-1946 · Adventia · Adventia Server Pro+1

CVE-2005-0919

Related Identifiers

Affected Products

References · 8