{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-09-17T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20040907 Corsaire Security Advisory - Business Objects WebIntelligence XSS issue", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026550.html"}, {"name": "12587", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/12587/"}, {"name": "11209", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11209"}, {"name": "20040917 Corsaire Security Advisory - Business Objects WebIntelligence XSS issue", "tags": ["mailing-list", "x_refsource_VULNWATCH"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0057.html"}, {"name": "webintelligence-input-document-xss(17419)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17419"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0534", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20040907 Corsaire Security Advisory - Business Objects WebIntelligence XSS issue", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026550.html"}, {"name": "12587", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12587/"}, {"name": "11209", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11209"}, {"name": "20040917 Corsaire Security Advisory - Business Objects WebIntelligence XSS issue", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0057.html"}, {"name": "webintelligence-input-document-xss(17419)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17419"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:24:26.211Z"}, "title": "CVE Program Container", "references": [{"name": "20040907 Corsaire Security Advisory - Business Objects WebIntelligence XSS issue", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026550.html"}, {"name": "12587", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/12587/"}, {"name": "11209", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/11209"}, {"name": "20040917 Corsaire Security Advisory - Business Objects WebIntelligence XSS issue", "tags": ["mailing-list", "x_refsource_VULNWATCH", "x_transferred"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0057.html"}, {"name": "webintelligence-input-document-xss(17419)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17419"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0534", "datePublished": "2005-04-14T04:00:00", "dateReserved": "2004-06-04T00:00:00", "dateUpdated": "2024-08-08T00:24:26.211Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:businessobjects:infoview:5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "B12AEC6B-5077-47E6-8B54-90B712543AF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:infoview:5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F0F131CD-671F-4A6F-AEF3-0FDC6A7E5EAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:infoview:5.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E2D3BFC4-E028-41DD-BC37-C85403EDE1D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:infoview:5.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "5BFC8418-5FC6-4B64-9203-F6AAEAF02CC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:infoview:5.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "88324C77-F20E-4E20-AA5D-D368679647E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:webintelligence:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "18F930C0-1A43-4278-9F6F-DD06D96DC97E", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:webintelligence:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "254A598E-EC81-416E-AB66-BA9072B19FD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:webintelligence:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "83D8F4AE-72BB-409E-A94E-611DF7FFEAB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:webintelligence:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "6321B477-A1D0-47C1-AF11-F667C936D3C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:businessobjects:webintelligence:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "92270BD8-E8C9-47F9-93B7-ACCF863D9275", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document."}], "id": "CVE-2004-0534", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-09-17T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0057.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026550.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/12587/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/11209"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17419"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0057.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026550.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/12587/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/11209"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17419"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}