CVE-2005-4599

N/A Unknown

Published: December 31, 2005 Modified: April 16, 2026

Description

Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/18262

Source: cve@mitre.org

Patch Vendor Advisory

http://securitytracker.com/id?1015424

Source: cve@mitre.org

http://tinymce.moxiecode.com/punbb/viewtopic.php?id=2233

Source: cve@mitre.org

Patch

http://tinymce.moxiecode.com/punbb/viewtopic.php?id=2244

Source: cve@mitre.org

http://www.hardened-php.net/advisory_262005.111.html

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/22117

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/420543/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16083

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/23906

Source: cve@mitre.org

http://secunia.com/advisories/18262