6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6 Medium
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.8%
Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters. NOTE: some of these details are obtained from third party information.
CPE | Name | Operator | Version |
---|---|---|---|
jiros:links_manager | jiros links manager | eq | 1.0 |
secunia.com/advisories/23063
securityreason.com/securityalert/1924
securitytracker.com/id?1017280
www.frsirt.com/english/reference-2006-4664-1.php
www.securityfocus.com/archive/1/452265/100/0/threaded
www.securityfocus.com/bid/21226
www.vupen.com/english/advisories/2006/4664
exchange.xforce.ibmcloud.com/vulnerabilities/30465