Lucene search

[email protected]CVE-2006-1215

HistoryMar 14, 2006 - 2:02 a.m.

CVE-2006-1215

2006-03-1402:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1215

cross-site scripting

xss vulnerability

woltlab burning board

web security

nvd

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.0%

JSON

Cross-site scripting (XSS) vulnerability in misc.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the percent parameter. NOTE: this issue has been disputed in a followup post, although the original disclosure might be related to reflected XSS.

Affected configurations

NVD

Node

woltlabburning_boardMatch2.3.4

CPENameOperatorVersion
woltlab:burning_boardwoltlab burning boardeq2.3.4

CPE	Name	Operator	Version
woltlab:burning_board	woltlab burning board	eq	2.3.4

References

www.securityfocus.com/archive/1/426766

www.securityfocus.com/archive/1/426816/30/0/threaded

www.securityfocus.com/bid/16959

exchange.xforce.ibmcloud.com/vulnerabilities/25156

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.0%

JSON

Related for CVE-2006-1215

prion1 nvd1 cvelist1