Lucene search

[email protected]CVE-2006-1761

HistoryApr 13, 2006 - 1:06 a.m.

CVE-2006-1761

2006-04-1301:06:00

[email protected]

web.nvd.nist.gov

cve-2006-1761

cross-site scripting

xss

vulnerability

index.php

remote attackers

web script

html

sanitization

error message

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.5%

JSON

Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter, which is not sanitized in the error message. NOTE: the vector in the shard parameter is not XSS and has been assigned a separate name.

Affected configurations

NVD

Node

blursoftblur6exMatch0.3.462

CPENameOperatorVersion
blursoft:blur6exblursoft blur6exeq0.3.462

CPE	Name	Operator	Version
blursoft:blur6ex	blursoft blur6ex	eq	0.3.462

References

www.attrition.org/pipermail/vim/2006-April/000691.html

www.securityfocus.com/archive/1/430607/100/0/threaded

www.securityfocus.com/archive/1/430885/100/0/threaded

www.securityfocus.com/bid/17465

exchange.xforce.ibmcloud.com/vulnerabilities/25757

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2006-1761

prion1 nvd1 cvelist1