Lucene search

[email protected]CVE-2006-0643

HistoryFeb 10, 2006 - 11:02 a.m.

CVE-2006-0643

2006-02-1011:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2006

0643

cross-site scripting

xss

vulnerability

wiredred

e/pop

web conferencing

remote authenticated users

web script

html

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.5%

JSON

Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users to inject arbitrary web script or HTML via the topic name of a conference.

CPENameOperatorVersion
wiredred:e_pop_web_conferencingwiredred e pop web conferencingeq4.1.0.755

CPE	Name	Operator	Version
wiredred:e_pop_web_conferencing	wiredred e pop web conferencing	eq	4.1.0.755

References

secunia.com/advisories/18753

securityreason.com/securityalert/421

www.osvdb.org/22997

www.securityfocus.com/archive/1/424419/100/0/threaded

www.securityfocus.com/bid/16542

www.vupen.com/english/advisories/2006/0505

exchange.xforce.ibmcloud.com/vulnerabilities/24609

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.5%

JSON

Related for CVE-2006-0643

prion1