MidnightBSD

Advisories for ringtail

CVE-2005-3479 MEDIUM

Cross-site scripting (XSS) vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ringtail casebook 6.1.0
CVE-2005-3480 MEDIUM

login.asp in Ringtail CaseBook 6.1.0 displays different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ringtail casebook 6.1.0