CVE-2005-4379

Name: CVE-2005-4379
Creator: NVD / NIST
Published: 2005-12-20T02:03:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.67%

Last modified Jun 16, 2026

CVE-2005-4379 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.1 and 1.1.1 beta allow remote attackers to inject arbitrary web script or HTML via the (1) sort_mode parameter to (a) fisheye/list_galleries.php, (b) messages/message_box.php, and (c) users/my.php; the (2) post_id parameter to (d) blogs/view_post.php; the (3) blog_id parameter to (e) blogs/view.php; and the (4) search field to (f) users/my_groups.php.. EPSS estimates a 1.67% chance of exploitation in the next 30 days.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.1 and 1.1.1 beta allow remote attackers to inject arbitrary web script or HTML via the (1) sort_mode parameter to (a) fisheye/list_galleries.php, (b) messages/message_box.php, and (c) users/my.php; the (2) post_id parameter to (d) blogs/view_post.php; the (3) blog_id parameter to (e) blogs/view.php; and the (4) search field to (f) users/my_groups.php.

Metrics

EPSS Probability

1.67%

73.9th percentile

Probability of exploitation in the next 30 days. Learn more

References

Timeline

Published: Dec 20, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-4379?

How severe is CVE-2005-4379?

Severity scoring for CVE-2005-4379 is pending analysis. The EPSS model estimates a 1.67% probability of exploitation in the next 30 days.

How do I fix CVE-2005-4379?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-4379?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST