CVE-2005-3397

Cross-site scripting (XSS) vulnerability in Comersus BackOffice allows remote attackers to inject arbitrary web script or HTML via the error parameter to comersus_backoffice_supportError.asp. NOTE: the comersus_backoffice_message.asp/message vector is already covered by CVE-2005-2191 item 2.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:*:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:4.2:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:4.5:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:4.10:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:4.11:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:4.30:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:4.32:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:5.0:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:6.0:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_lite:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:*:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:4.2:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:4.5:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:4.10:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:4.11:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:4.30:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:4.32:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:5.0:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:6.0:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_backoffice_plus:6.0.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2005-11-01 12:47

Updated : 2024-02-28 10:42


NVD link : CVE-2005-3397

Mitre link : CVE-2005-3397

CVE.ORG link : CVE-2005-3397


JSON object : View

Products Affected

comersus_open_technologies

  • comersus_backoffice_plus
  • comersus_backoffice_lite