CVE-2006-3261

2006-06-2721:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.009

Percentile

82.5%

JSON

Cross-site scripting (XSS) vulnerability in Trend Micro Control Manager (TMCM) 3.5 allows remote attackers to inject arbitrary web script or HTML via the username field on the login page, which is not properly sanitized before being displayed in the error log.

References

secunia.com/advisories/20794

securityreason.com/securityalert/1159

securitytracker.com/id?1016372

www.securityfocus.com/archive/1/438158/100/0/threaded

www.securityfocus.com/bid/18619

www.vupen.com/english/advisories/2006/2526

exchange.xforce.ibmcloud.com/vulnerabilities/27388