Lucene search

[email protected]CVE-2006-2141

HistoryMay 02, 2006 - 10:02 a.m.

CVE-2006-2141

2006-05-0210:02:00

[email protected]

web.nvd.nist.gov

cve-2006-2141

cross-site scripting

xss

popup_image

cps 3.4.0

collaborative portal server

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.1%

JSON

Cross-site scripting (XSS) vulnerability in popup_image in Collaborative Portal Server (CPS) 3.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the pos argument.

Affected configurations

NVD

Node

collaborative_portal_server_projectcollaborative_portal_serverMatch3.4.0

CPENameOperatorVersion
collaborative_portal_server_project:collaborative_portal_servercollaborative portal server project collaborative portal servereq3.4.0

CPE	Name	Operator	Version
collaborative_portal_server_project:collaborative_portal_server	collaborative portal server project collaborative portal server	eq	3.4.0

References

pridels0.blogspot.com/2006/04/cps-340-xss.html

secunia.com/advisories/19879

www.osvdb.org/25144

www.securityfocus.com/bid/17774

www.vupen.com/english/advisories/2006/1589

exchange.xforce.ibmcloud.com/vulnerabilities/26155

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.1%

JSON

Related for CVE-2006-2141

cvelist1 prion1 nvd1