CVE-2005-0548

Solaris AnswerBook2 Documentation 1.4.4 - Cross-Site Scripting via Search Function

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0548.

AI-analyzed exploit summary The document describes a cross-site scripting (XSS) vulnerability in Sun Solaris AnswerBook2 versions 1.4.4 and prior, affecting the Search function and admin interface. It includes proof-of-concept URLs demonstrating the XSS payloads but does not contain functional exploit code.

Description

Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function.

Exploits (1)

exploitdb WRITEUP
webappssolaris
https://www.exploit-db.com/exploits/10386

The document describes a cross-site scripting (XSS) vulnerability in Sun Solaris AnswerBook2 versions 1.4.4 and prior, affecting the Search function and admin interface. It includes proof-of-concept URLs demonstrating the XSS payloads but does not contain functional exploit code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Sun Solaris AnswerBook2 <= 1.4.4
No auth needed
Prerequisites: Access to the vulnerable AnswerBook2 web interface
MITRE ATT&CK
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111205163531628&w=2
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000230.1-1
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57737-1

Scores

EPSS 0.0169
EPSS Percentile 74.0%

Details

Status published
Products (7)
sun/solaris_answerbook2 1.2
sun/solaris_answerbook2 1.3
sun/solaris_answerbook2 1.4
sun/solaris_answerbook2 1.4.1
sun/solaris_answerbook2 1.4.2
sun/solaris_answerbook2 1.4.3
sun/solaris_answerbook2 1.4.4
Published Mar 07, 2005
Tracked Since Feb 18, 2026