Lucene search
HistoryOct 03, 2022 - 4:21 p.m.
CVE-2006-6166
cve-2006-6166
xss
jce
joomla content editor
ryan demmer
security vulnerability
nvd
5.7 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.5%
Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.0.4 for Joomla! (com_jce), without the 20060821 jce_patch, allows remote attackers to inject arbitrary web script or HTML via the mosConfig_live_site parameter.
Affected configurations
Node
ryan_demmerjoomla_content_editorMatch1.0.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| ryan_demmer:joomla_content_editor | ryan demmer joomla content editor | eq | 1.0.4 |
Related
cvelist
cvelist
CVE-2006-6166
2022-10-03 16:21:22
CVE-2006-6420
2006-12-10 11:00:00
nvd
nvd
CVE-2006-6166
2006-11-29 02:28:00
CVE-2006-6420
2006-12-10 11:28:00
cve
cve
CVE-2006-6420
2006-12-10 11:28:00
5.7 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.5%
Related for CVE-2006-6166