CVE-2006-1202

2006-03-1401:00:00

mitre

www.cve.org

AI Score

5.9

Confidence

High

EPSS

0.006

Percentile

77.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mess and (2) user parameters in messanger.php, possibly requiring a URL encoded value.

References

notlegal.ws/textfilebbmessanger.txt

secunia.com/advisories/19149

securitytracker.com/id?1015744

www.securityfocus.com/archive/1/427081/100/0/threaded

www.securityfocus.com/bid/17029

www.vupen.com/english/advisories/2006/0897

exchange.xforce.ibmcloud.com/vulnerabilities/25091