CVE-2006-1222
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.012 Low
EPSS
Percentile
85.3%
Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the (1) memo box title, (2) user email, and (3) homepage fields.
Affected configurations
References
lists.grok.org.uk/pipermail/full-disclosure/2006-March/042872.html
secunia.com/advisories/19214
www.inetcop.org/upfiles/33INCSA.2006-0x82-029-zeroboard.pdf
www.nzeo.com/bbs/zboard.php?id=cgi_bugreport2&no=5406
www.osvdb.org/23847
www.securityfocus.com/archive/1/427466/100/0/threaded
www.securityfocus.com/bid/17075
www.vupen.com/english/advisories/2006/0944
exchange.xforce.ibmcloud.com/vulnerabilities/25212
Related
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.012 Low
EPSS
Percentile
85.3%