AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2005-4879: Multiple cross-site scripting (XSS) vulnerabilities in jax_guestbook.php in Jax Guestbook 3.1 and 3.31 allow remote atta

infovulnerability

security

Source: NVD/CVE DatabaseMarch 31, 2009CVE-2005-4879

Summary

Jax Guestbook versions 3.1, 3.31, and 3.50 contain multiple cross-site scripting (XSS) vulnerabilities, which allow attackers to inject malicious web scripts or HTML code through the gmt_ofs and language parameters in the jax_guestbook.php file. XSS is a type of attack where an attacker tricks a website into running their code in a user's browser, potentially stealing data or session information.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.2%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-79

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

Original source: https://nvd.nist.gov/vuln/detail/CVE-2005-4879

First tracked: February 15, 2026 at 08:43 PM

Classified by LLM (prompt v3) · confidence: 95%