Lucene search

K
cve[email protected]CVE-2006-4016
HistoryAug 07, 2006 - 7:04 p.m.

CVE-2006-4016

2006-08-0719:04:00
web.nvd.nist.gov
23
cve-2006-4016
xss vulnerability
toendacms
web script injection
html injection

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.9%

Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and earlier, and unstable 1.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via the s parameter.

Affected configurations

NVD
Node
toenda_software_developmenttoendacmsRangestable_1.0.3
OR
toenda_software_developmenttoendacmsRangeunstable_1.1

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.9%

Related for CVE-2006-4016