CVE-2006-1661

2006-04-0710:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in SKForum 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) areaID parameter in area.View.action, (2) time parameter in planning.View.action, and (3) userID parameter in user.View.action.

References

pridels0.blogspot.com/2006/04/skforum-xss-vuln.html

secunia.com/advisories/19484

www.osvdb.org/24430

www.osvdb.org/24431

www.osvdb.org/24432

www.securityfocus.com/bid/17389

www.vupen.com/english/advisories/2006/1260

exchange.xforce.ibmcloud.com/vulnerabilities/25641