Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-2670
CVE-2004-2670
Description
Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:endonesia:endonesia:8.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:endonesia:endonesia:8.3:*:*:*:*:*:*:*
- (no CPE)range: <=8.3
Patches
Vulnerability mechanics
References
7- echo.or.id/adv/adv02-y3dips-2004.txtnvdExploitVendor Advisory
- www.securityfocus.com/archive/1/370855nvdExploitVendor Advisory
- www.securityfocus.com/bid/10856nvdExploitVendor Advisory
- www.securityfocus.com/bid/8506nvdExploitVendor Advisory
- secunia.com/advisories/12231nvdVendor Advisory
- securitytracker.com/idnvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/13041nvd
News mentions
0No linked articles in our index yet.