CVE-2006-5168

2006-10-0416:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.1%

JSON

Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string.

References

securityreason.com/securityalert/1689

svn.sourceforge.net/viewvc/pebble/trunk/src/net/sourceforge/pebble/search/SearchResults.java?r1=136&r2=206

www.securityfocus.com/archive/1/447503/100/0/threaded

www.securityfocus.com/bid/20298

exchange.xforce.ibmcloud.com/vulnerabilities/29312