CVE-2006-6401

2006-12-1002:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) connexion, (2) by, and (3) details parameter.

References

marc.info/?l=bugtraq&m=116344068502988&w=2

secunia.com/advisories/22813

securitytracker.com/id?1017210

www.osvdb.org/30319

www.vupen.com/english/advisories/2006/4468