Lucene search

[email protected]CVE-2006-4797

HistorySep 14, 2006 - 9:07 p.m.

CVE-2006-4797

2006-09-1421:07:00

[email protected]

web.nvd.nist.gov

cve-2006-4797

cross-site scripting

xss

cloudnine interactive

cj tag board 3.0

security vulnerability

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.0%

JSON

Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter.

Affected configurations

NVD

Node

cj_designcj_tag_boardMatch3.0

CPENameOperatorVersion
cj_design:cj_tag_boardcj design cj tag boardeq3.0

CPE	Name	Operator	Version
cj_design:cj_tag_board	cj design cj tag board	eq	3.0

References

evuln.com/vulns/137/summary.html

securityreason.com/securityalert/1580

www.securityfocus.com/archive/1/445913/100/0/threaded

www.securityfocus.com/bid/20000

exchange.xforce.ibmcloud.com/vulnerabilities/28501

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.0%

JSON

Related for CVE-2006-4797

cvelist1 nvd1