{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T23:40:24.300","vulnerabilities":[{"cve":{"id":"CVE-2004-2475","sourceIdentifier":"cve@mitre.org","published":"2004-12-31T05:00:00.000","lastModified":"2026-04-16T00:27:16.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section.  NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.41:*:*:*:*:*:*:*","matchCriteriaId":"90B18B24-8E0C-41B3-9354-2506A05734A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.42:*:*:*:*:*:*:*","matchCriteriaId":"B41A4120-18F1-43B1-96B1-B97655671866"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.43:*:*:*:*:*:*:*","matchCriteriaId":"64280CDE-BEB8-4A8D-A5B9-1F850ED002F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.44:*:*:*:*:*:*:*","matchCriteriaId":"FC8876EA-F6FD-4EE9-A63E-31610525CC74"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.45:*:*:*:*:*:*:*","matchCriteriaId":"599A6B58-9915-4D72-A850-7A34EE85159F"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.47:*:*:*:*:*:*:*","matchCriteriaId":"0708ABF8-989D-4879-90D9-93D4D237F270"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.48:*:*:*:*:*:*:*","matchCriteriaId":"C06A2E25-81C2-4645-A652-055A3E37F5FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.49:*:*:*:*:*:*:*","matchCriteriaId":"6D763CC4-8E6D-40B3-A663-DA7148F66CFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.53:*:*:*:*:*:*:*","matchCriteriaId":"3B195D15-29BC-42B3-B931-696CC0527D2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.54:*:*:*:*:*:*:*","matchCriteriaId":"DAB91C2C-86DC-406C-89A1-2163B15F46E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.55:*:*:*:*:*:*:*","matchCriteriaId":"D29CB61F-61B1-4710-9E8C-7D97060C0F26"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.56:*:*:*:*:*:*:*","matchCriteriaId":"614061C9-AE7A-46B5-BD53-75CD69F15C44"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.57:*:*:*:*:*:*:*","matchCriteriaId":"19A0D7E9-70F2-484B-8FA8-5B48052A46D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.58:*:*:*:*:*:*:*","matchCriteriaId":"0200C2A1-578F-45F2-B677-9091BC49EF93"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.59:*:*:*:*:*:*:*","matchCriteriaId":"C630B01A-755E-4A80-BFF0-446415E87BE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:1.1.60:*:*:*:*:*:*:*","matchCriteriaId":"F5F7D4F8-C073-4115-806D-89973A4C2C4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:2.0.114.1:*:*:*:*:*:*:*","matchCriteriaId":"08B504D6-EE8A-4BEA-AC79-807ECB97E273"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:toolbar:2.0.114.1:*:big_en_ggld:*:*:*:*:*","matchCriteriaId":"9B09625F-1DE4-4E2F-8B38-B8856C5731AD"}]}]}],"references":[{"url":"http://archives.neohapsis.com/archives/bugtraq/2004-09/0226.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0629.html","source":"cve@mitre.org"},{"url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0639.html","source":"cve@mitre.org"},{"url":"http://securitytracker.com/id?1011351","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.osvdb.org/10037","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/11210","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17435","source":"cve@mitre.org"},{"url":"http://archives.neohapsis.com/archives/bugtraq/2004-09/0226.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0629.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0639.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securitytracker.com/id?1011351","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.osvdb.org/10037","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/11210","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17435","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}