Lucene search
HistoryFeb 28, 2006 - 11:02 a.m.
CVE-2006-0916
cve-2006-0916
bugzilla
url redirection
security vulnerability
nvd
6.3 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.4%
Bugzilla 2.19.3 through 2.20 does not properly handle “//” sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user’s browser to send the form data to another domain.
Related
cvelist
cvelist
CVE-2006-0916
2006-02-28 11:00:00
prion
prion
Design/Logic Flaw
2006-02-28 11:02:00
ubuntucve
ubuntucve
CVE-2006-0916
2006-02-28 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2006-02-20 00:00:00
openvas
openvas
FreeBSD Ports: bugzilla
2008-09-04 00:00:00
FreeBSD Ports: bugzilla
2008-09-04 00:00:00
nessus
nessus
6.3 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.4%
Related for CVE-2006-0916