Low severityNVD Advisory· Published Dec 16, 2005· Updated Jun 16, 2026
CVE-2005-4294
CVE-2005-4294
Description
Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the username in the login page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.opencms:opencms-coreMaven | < 6.0.3 | 6.0.3 |
Affected products
3Patches
Vulnerability mechanics
References
10- secunia.com/advisories/18046nvdPatchVendor Advisory
- www.opencms.org/opencms/en/download/opencms.htmlnvdPatchWEB
- github.com/advisories/GHSA-g4fc-j79q-gjrhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2005-4294ghsaADVISORY
- www.scip.ch/cgi-bin/smss/showadvf.plnvdWEB
- github.com/alkacon/opencms-core/commit/148f2126f61bf5fa3d9f8c669889ccab3b9dceacghsaWEB
- archives.neohapsis.com/archives/fulldisclosure/2005-12/0640.htmlnvd
- securitytracker.com/idnvd
- www.securityfocus.com/bid/15882nvd
- www.vupen.com/english/advisories/2005/2923nvd
News mentions
0No linked articles in our index yet.