CVE-2004-1849: XSS
First published: Wed Mar 24 2004(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| cPanel | =9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-1849?
CVE-2004-1849 has a moderate severity rating due to its potential for cross-site scripting attacks.
How do I fix CVE-2004-1849?
To fix CVE-2004-1849, upgrade cPanel to a version beyond 9.1.0 that addresses the XSS vulnerabilities.
What systems are affected by CVE-2004-1849?
CVE-2004-1849 affects cPanel version 9.1.0.
What types of vulnerabilities are present in CVE-2004-1849?
CVE-2004-1849 contains multiple cross-site scripting (XSS) vulnerabilities.
Who can exploit CVE-2004-1849?
Remote attackers can exploit CVE-2004-1849 to inject arbitrary web script or HTML.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/cpanel
- canonical/cpanel
- version/cpanel/9.1