The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML.
References
Link | Resource |
---|---|
http://secunia.com/advisories/17655 | Vendor Advisory |
http://www.securityfocus.com/archive/1/417218 | Vendor Advisory |
http://secunia.com/advisories/17655 | Vendor Advisory |
http://www.securityfocus.com/archive/1/417218 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:02
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/17655 - Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/417218 - Vendor Advisory |
Information
Published : 2005-11-22 23:03
Updated : 2024-11-21 00:02
NVD link : CVE-2005-3764
Mitre link : CVE-2005-3764
CVE.ORG link : CVE-2005-3764
JSON object : View
Products Affected
exponent
- exponent
CWE