Lucene search
K

6 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Sage 1.3.6 Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/09/12 4:7 p.m.35 views

CVE-2006-4712

Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...

6.8CVSS5.9AI score0.02071EPSS
Exploits1References1
NVD
NVD
added 2006/09/12 4:7 p.m.23 views

CVE-2006-4712

Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...

6.8CVSS5.6AI score0.02071EPSS
Exploits1References11
Cvelist
Cvelist
added 2006/09/12 4:0 p.m.27 views

CVE-2006-4712

Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...

5.6AI score0.02071EPSS
Exploits1References11
CVE
CVE
added 2006/09/12 4:0 p.m.60 views

CVE-2006-4712

CVE-2006-4712 affects Sage 1.3.6 and describes multiple XSS vulnerabilities in which remote attackers can inject arbitrary script via a content:encoded element in an RSS feed, demonstrated by four content:encoded elements that use XMLHttpRequest to read local files (Cross Context Scripting). The ...

6.8CVSS5.6AI score0.02071EPSS
Exploits1References11Affected Software1
Exploit DB
Exploit DB
added 2006/09/08 12:0 a.m.25 views

Sage 1.3.6 - Input Validation

source: https://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of t...

7.4AI score
Exploits0
Rows per page
Query Builder