Lucene search

[email protected]CVE-2006-3842

HistoryJul 25, 2006 - 11:04 p.m.

CVE-2006-3842

2006-07-2523:04:00

[email protected]

web.nvd.nist.gov

cve-2006-3842

cross-site scripting

xss

zoho virtual office

remote attackers

web script

html

vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attackers to execute arbitrary web script or HTML via an HTML message.

Affected configurations

NVD

Node

adventnetzoho_virtual_officeMatch3.2_build_3210

CPENameOperatorVersion
adventnet:zoho_virtual_officeadventnet zoho virtual officeeq3.2_build_3210

CPE	Name	Operator	Version
adventnet:zoho_virtual_office	adventnet zoho virtual office	eq	3.2_build_3210

References

secunia.com/advisories/21085

securityreason.com/securityalert/1273

www.securityfocus.com/archive/1/440417/100/0/threaded

www.securityfocus.com/bid/19016

exchange.xforce.ibmcloud.com/vulnerabilities/27818

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for CVE-2006-3842

cvelist1 nvd1