Lucene search

[email protected]CVE-2006-2804

HistoryJun 03, 2006 - 10:02 a.m.

CVE-2006-2804

2006-06-0310:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2804

cross-site scripting

xss

goss intelligent content management

icm 7.0

security vulnerability

remote attack

6.2 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.7%

JSON

Cross-site scripting (XSS) vulnerability in index.cfm in Goss Intelligent Content Management (iCM) 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources.

CPENameOperatorVersion
goss:icmgoss icmle7.0

CPE	Name	Operator	Version
goss:icm	goss icm	le	7.0

References

secunia.com/advisories/20372

www.securityfocus.com/bid/18221

www.vupen.com/english/advisories/2006/2089

exchange.xforce.ibmcloud.com/vulnerabilities/26822

6.2 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.7%

JSON

Related for CVE-2006-2804

prion1