CVE-2005-1778

Postnuke - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter.

References (2)

[Exploit, Mailing List] http://marc.info/?l=bugtraq&m=111721364707520&w=2

[Patch, Vendor Advisory] http://news.postnuke.com/Article2691.html

Scores

EPSS 0.0041

EPSS Percentile 61.1%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

postnuke_software_foundation/postnuke

Timeline

Published May 31, 2005

Tracked Since Feb 18, 2026