Unrated severityNVD Advisory· Published Dec 29, 2005· Updated Apr 16, 2026

CVE-2005-4576

Description

Multiple cross-site scripting (XSS) vulnerabilities in the UpdateEngine program in Fatwire UpdateEngine 6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) COUNTRYNAME, (2) EMAIL, and (3) FUELAP_TEMPLATENAME parameters.

Affected products

Fatwire/Updateengine
cpe:2.3:a:fatwire:updateengine:*:*:*:*:*:*:*:*
Range: <=6.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/16073nvdExploit
secunia.com/advisories/18259nvdVendor Advisory
pridels0.blogspot.com/2005/12/fatwire-updateengine-62-multiple-xss.htmlnvd
www.osvdb.org/21936nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23848nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000