CVE-2006-3974
CVE-2006-3974 affects 3Com OfficeConnect Secure Router firmware 1.04-168, where a cross-site scripting (XSS) flaw in the admin CGI (cgi-bin/admin) allows remote attackers to inject arbitrary web script or HTML via the tk parameter. The NVD entry records a CVSS v2 base score of 4.3 (Medium) with n...