Lucene search

[email protected]CVE-2006-2252

HistoryMay 09, 2006 - 10:02 a.m.

CVE-2006-2252

2006-05-0910:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

openfaq

0.4.0

cross-site scripting

vulnerability

submit.php

nvd

6.7 Medium

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.027 Low

EPSS

Percentile

90.4%

JSON

Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

CPENameOperatorVersion
openfaq:openfaqopenfaqeq0.4.0

CPE	Name	Operator	Version
openfaq:openfaq	openfaq	eq	0.4.0

References

secunia.com/advisories/20018

securityreason.com/securityalert/850

www.osvdb.org/25350

www.securityfocus.com/archive/1/433120/100/0/threaded

www.securityfocus.com/bid/17860

www.vupen.com/english/advisories/2006/1684

exchange.xforce.ibmcloud.com/vulnerabilities/26286

6.7 Medium

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.027 Low

EPSS

Percentile

90.4%

JSON

Related for CVE-2006-2252

prion1