CVE-2004-2752
Postnuke - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action.
Scores
EPSS
0.0028
EPSS Percentile
50.9%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
postnuke_software_foundation/postnuke
Timeline
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026