Lucene search

[email protected]NVD:CVE-2006-3958

HistoryAug 01, 2006 - 9:04 p.m.

CVE-2006-3958

2006-08-0121:04:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.007

Percentile

80.5%

JSON

Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users via (2) the Edit Task system, (3) the back-end Category Editor system, and (4) “Pages that display task status, email addresses, URL, customer, and project information.”

Affected configurations

Nvd

Node

pkr_internettaskjitsuMatch2.0.3

VendorProductVersionCPE
pkr_internettaskjitsu2.0.3cpe:2.3:a:pkr_internet:taskjitsu:2.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pkr_internet	taskjitsu	2.0.3	cpe:2.3:a:pkr_internet:taskjitsu:2.0.3:::::::*

References

secunia.com/advisories/21242

www.osvdb.org/27637

www.pkrinternet.com/download/RELEASE-NOTES.txt

www.securityfocus.com/bid/19251

www.vupen.com/english/advisories/2006/3058

exchange.xforce.ibmcloud.com/vulnerabilities/28178

www.pkrinternet.com/taskjitsu/task/3477

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.007

Percentile

80.5%

JSON

Related for NVD:CVE-2006-3958

cve1 cvelist1