CVE-2006-6600

2022-10-0316:21:22

mitre

www.cve.org

cve-2006-6600

xss

dir.php

5.7 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.4%

JSON

Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

secunia.com/advisories/23270