Lucene search

[email protected]CVE-2006-2966

HistoryJun 12, 2006 - 8:06 p.m.

CVE-2006-2966

2006-06-1220:06:00

[email protected]

web.nvd.nist.gov

cve-2006-2966

cross-site scripting

xss

particle soft particle wiki

nvd

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

JSON

Cross-site scripting (XSS) vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attackers to inject arbitrary web script or HTML via a BR element with an extraneous IMG tag and a STYLE attribute that contains “/**/” comment sequences, which bypasses the XSS protection scheme.

Affected configurations

NVD

Node

particle_softparticle_wikiMatch1.0.2

CPENameOperatorVersion
particle_soft:particle_wikiparticle soft particle wikieq1.0.2

CPE	Name	Operator	Version
particle_soft:particle_wiki	particle soft particle wiki	eq	1.0.2

References

securityreason.com/securityalert/1070

www.securityfocus.com/archive/1/436121/100/0/threaded

www.vupen.com/english/advisories/2006/2170

exchange.xforce.ibmcloud.com/vulnerabilities/26952

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

JSON

Related for CVE-2006-2966

nvd1 prion1 cvelist1