Unrated severityNVD Advisory· Published May 11, 2005· Updated Apr 16, 2026

CVE-2005-1492

Description

Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

Affected products

Gossamer Threads/Gossamer Threads Links2 versions
cpe:2.3:a:gossamer_threads:gossamer_threads_links:2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gossamer_threads:gossamer_threads_links:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gossamer_threads:gossamer_threads_links:2.2.0:*:*:*:*:*:*:*
Gossamer Threads/Gossamer Threads Links SQL
cpe:2.3:a:gossamer_threads:gossamer_threads_links-sql:3.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploitPatch
www.securityfocus.com/bid/13484nvdExploit
www.gossamer-threads.com/forum/Gossamer_Links_3.0.1_Released_P280986/nvdVendor Advisory
gossamer-threads.com/perl/gforum/gforum.cginvd
marc.infonvd
secunia.com/advisories/15253nvd
www.osvdb.org/16189nvd
exchange.xforce.ibmcloud.com/vulnerabilities/20415nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000