ByteOS Network

NVD Vulnerability Details :

CVE-2005-1189

Deferred

Source-cve@mitre.org

Published At-02 May, 2005 | 04:00

Updated At-03 Apr, 2025 | 01:03

Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attackers to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

webcamxp>>webcamxp_pro>>Versions up to 2.16.467(inclusive)

cpe:2.3:a:webcamxp:webcamxp_pro:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

Evaluator Solution

The vulnerability has reportedly been fixed in the beta version 2.16.478.

References

Hyperlink	Source	Resource
http://secunia.com/advisories/14999	cve@mitre.org	N/A
http://securitytracker.com/id?1013753	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/20166	cve@mitre.org	N/A
http://secunia.com/advisories/14999	af854a3a-2127-422b-91ae-364da2661108	N/A
http://securitytracker.com/id?1013753	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/20166	af854a3a-2127-422b-91ae-364da2661108	N/A