CVE-2006-6089

2006-11-2418:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in addpost1.asp in BaalAsp forum allow remote attackers to inject arbitrary web script or HTML via the (1) title (Subject), (2) groupname (Group Name), or (3) detail (Message) field.

References

s-a-p.ca/index.php?page=OurAdvisories&id=35

secunia.com/advisories/22943

securityreason.com/securityalert/1913

www.securityfocus.com/archive/1/451846/100/100/threaded

www.securityfocus.com/bid/21111

www.vupen.com/english/advisories/2006/4579

exchange.xforce.ibmcloud.com/vulnerabilities/30344