Lucene search
HistoryAug 07, 2006 - 7:04 p.m.
CVE-2006-4016
cve-2006-4016
xss vulnerability
toendacms
web script injection
html injection
6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.9%
Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and earlier, and unstable 1.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via the s parameter.
Affected configurations
Node
toenda_software_developmenttoendacmsRange≤stable_1.0.3
ORtoenda_software_developmenttoendacmsRange≤unstable_1.1
6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.9%
Related for CVE-2006-4016