CVE-2006-2558

2006-05-2401:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the User-Agent (useragent) header in an HTTP request, which is not filtered when the log files are viewed.

References

secunia.com/advisories/20246

securitytracker.com/id?1016147

www.securityfocus.com/archive/1/434822/100/0/threaded

www.securityfocus.com/archive/1/435005/30/4740/threaded

www.securityfocus.com/bid/18086

www.vupen.com/english/advisories/2006/1937

exchange.xforce.ibmcloud.com/vulnerabilities/26643