Lucene search

MitreCVE-2006-1696

HistoryApr 11, 2006 - 10:02 a.m.

CVE-2006-1696

2006-04-1110:02:00

mitre

web.nvd.nist.gov

security

vulnerability

xss

gallery

web script

html

remote attackers

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

Affected configurations

Nvd

Node

gallery_projectgalleryMatch1.3.4

gallery_projectgalleryMatch1.4

gallery_projectgalleryMatch1.4.1

gallery_projectgalleryMatch1.4.2

gallery_projectgalleryMatch1.4.3_pl1

gallery_projectgalleryMatch1.4.3_pl2

gallery_projectgalleryMatch1.4.4_pl2

gallery_projectgalleryMatch1.4.4_pl3

gallery_projectgalleryMatch1.4.4_pl4

gallery_projectgalleryMatch1.4.4_pl5

gallery_projectgalleryMatch1.4_pl1

gallery_projectgalleryMatch1.4_pl2

gallery_projectgalleryMatch1.5

gallery_projectgalleryMatch1.5.1

gallery_projectgalleryMatch1.5.1_rc2

gallery_projectgalleryMatch1.5.2

gallery_projectgalleryMatch1.5.2_pl1

gallery_projectgalleryMatch1.5.2_pl2

gallery_projectgalleryMatch1.5.2_rc2

gallery_projectgalleryMatch1.5.2_rc3

VendorProductVersionCPE
gallery_projectgallery1.3.4cpe:2.3:a:gallery_project:gallery:1.3.4:*:*:*:*:*:*:*
gallery_projectgallery1.4cpe:2.3:a:gallery_project:gallery:1.4:*:*:*:*:*:*:*
gallery_projectgallery1.4.1cpe:2.3:a:gallery_project:gallery:1.4.1:*:*:*:*:*:*:*
gallery_projectgallery1.4.2cpe:2.3:a:gallery_project:gallery:1.4.2:*:*:*:*:*:*:*
gallery_projectgallery1.4.3_pl1cpe:2.3:a:gallery_project:gallery:1.4.3_pl1:*:*:*:*:*:*:*
gallery_projectgallery1.4.3_pl2cpe:2.3:a:gallery_project:gallery:1.4.3_pl2:*:*:*:*:*:*:*
gallery_projectgallery1.4.4_pl2cpe:2.3:a:gallery_project:gallery:1.4.4_pl2:*:*:*:*:*:*:*
gallery_projectgallery1.4.4_pl3cpe:2.3:a:gallery_project:gallery:1.4.4_pl3:*:*:*:*:*:*:*
gallery_projectgallery1.4.4_pl4cpe:2.3:a:gallery_project:gallery:1.4.4_pl4:*:*:*:*:*:*:*
gallery_projectgallery1.4.4_pl5cpe:2.3:a:gallery_project:gallery:1.4.4_pl5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gallery_project	gallery	1.3.4	cpe:2.3:a:gallery_project:gallery:1.3.4:::::::*
gallery_project	gallery	1.4	cpe:2.3:a:gallery_project:gallery:1.4:::::::*
gallery_project	gallery	1.4.1	cpe:2.3:a:gallery_project:gallery:1.4.1:::::::*
gallery_project	gallery	1.4.2	cpe:2.3:a:gallery_project:gallery:1.4.2:::::::*
gallery_project	gallery	1.4.3_pl1	cpe:2.3:a:gallery_project:gallery:1.4.3_pl1:::::::*
gallery_project	gallery	1.4.3_pl2	cpe:2.3:a:gallery_project:gallery:1.4.3_pl2:::::::*
gallery_project	gallery	1.4.4_pl2	cpe:2.3:a:gallery_project:gallery:1.4.4_pl2:::::::*
gallery_project	gallery	1.4.4_pl3	cpe:2.3:a:gallery_project:gallery:1.4.4_pl3:::::::*
gallery_project	gallery	1.4.4_pl4	cpe:2.3:a:gallery_project:gallery:1.4.4_pl4:::::::*
gallery_project	gallery	1.4.4_pl5	cpe:2.3:a:gallery_project:gallery:1.4.4_pl5:::::::*

Rows per page:

1-10 of 201

References

secunia.com/advisories/19580

sourceforge.net/project/shownotes.php?release_id=408602&group_id=7130

www.osvdb.org/24466

www.securityfocus.com/bid/17437

www.vupen.com/english/advisories/2006/1285

exchange.xforce.ibmcloud.com/vulnerabilities/25707

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

Related for CVE-2006-1696