OpenCVE

Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bluecoat	Reporter

Configuration 1 [-]

cpe:2.3:a:bluecoat:reporter:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=111695726810435&w=2
http://secunia.com/advisories/15452
http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html
http://www.osvdb.org/16765
http://www.osvdb.org/16766
http://www.vupen.com/english/advisories/2005/0589

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-05-24T04:00:00

Updated: 2024-08-07T21:59:24.167Z

Reserved: 2005-05-24T00:00:00

Link: CVE-2005-1710

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-05-24T04:00:00.000

Modified: 2024-11-20T23:57:57.337

Link: CVE-2005-1710

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-05-20T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "16765", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16765"}, {"name": "15452", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/15452"}, {"name": "20050524 Blue Coat Reporter multiple remote vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=111695726810435&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html"}, {"name": "16766", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/16766"}, {"name": "ADV-2005-0589", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/0589"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1710", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "16765", "refsource": "OSVDB", "url": "http://www.osvdb.org/16765"}, {"name": "15452", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15452"}, {"name": "20050524 Blue Coat Reporter multiple remote vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=111695726810435&w=2"}, {"name": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html", "refsource": "CONFIRM", "url": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html"}, {"name": "16766", "refsource": "OSVDB", "url": "http://www.osvdb.org/16766"}, {"name": "ADV-2005-0589", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/0589"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T21:59:24.167Z"}, "title": "CVE Program Container", "references": [{"name": "16765", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/16765"}, {"name": "15452", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/15452"}, {"name": "20050524 Blue Coat Reporter multiple remote vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=111695726810435&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html"}, {"name": "16766", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/16766"}, {"name": "ADV-2005-0589", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/0589"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1710", "datePublished": "2005-05-24T04:00:00", "dateReserved": "2005-05-24T00:00:00", "dateUpdated": "2024-08-07T21:59:24.167Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bluecoat:reporter:*:*:*:*:*:*:*:*", "matchCriteriaId": "99757DB4-5255-43D0-B42C-72FC8DC03545", "versionEndIncluding": "7.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page."}], "id": "CVE-2005-1710", "lastModified": "2024-11-20T23:57:57.337", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-05-24T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=111695726810435&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/15452"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/16765"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/16766"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2005/0589"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=111695726810435&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/15452"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/16765"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/16766"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/0589"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}