Lucene search

[email protected]CVE-2006-0233

HistoryJan 18, 2006 - 12:07 a.m.

CVE-2006-0233

2006-01-1800:07:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2006-0233

xss

remote attack

web script injection

html injection

javascript uri

bbcode tag

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

JSON

Cross-site scripting (XSS) vulnerability in functions.php in microBlog 2.0 RC-10 allows remote attackers to inject arbitrary web script and HTML via a javascript: URI in a [url] BBcode tag.

Affected configurations

NVD

Node

microblogmicroblogMatch2.0_rc10

CPENameOperatorVersion
microblog:microblogmicroblogeq2.0_rc10

CPE	Name	Operator	Version
microblog:microblog	microblog	eq	2.0_rc10

References

evuln.com/vulns/36/summary.html

securitytracker.com/id?1015496

www.securityfocus.com/archive/1/422145/100/0/threaded

www.securityfocus.com/bid/16272

exchange.xforce.ibmcloud.com/vulnerabilities/24140

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

JSON

Related for CVE-2006-0233

prion1 cvelist1 nvd1