PT-2005-3746 · Unknown · Land Down Under

Conor E. Buckley

Published

2005-09-14

Updated

2017-07-11

CVE-2005-2884

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Land Down Under (LDU) versions 801 and earlier

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the Description field in an event. This can lead to the execution of malicious scripts on the client-side.

Recommendations For versions 801 and earlier, update to a version later than 801 to resolve the issue. As a temporary workaround, consider restricting user input in the Description field to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2884

Affected Products

Land Down Under

PT-2005-3746 · Unknown · Land Down Under

CVE-2005-2884

Related Identifiers

Affected Products

References · 5