Lucene search
MitreCVE-2006-0857HistoryFeb 23, 2006 - 11:02 p.m.
CVE-2006-0857
2006-02-2323:02:00
CWE-79
mitre
web.nvd.nist.gov
24
cve-2006-0857
cross-site scripting
xss vulnerability
chatbox plugin
e107 0.7.2
remote attackers
arbitrary html
web script
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
61.2%
Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element.
Affected configurations
Node
e107chatbox_pluginMatch1.0
ORe107e107Match0.7.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| e107 | chatbox_plugin | 1.0 | cpe:2.3:a:e107:chatbox_plugin:1.0:*:*:*:*:*:*:* |
| e107 | e107 | 0.7.2 | cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2006-0857
2006-02-23 23:02:00
cvelist
cvelist
CVE-2006-0857
2006-02-23 23:00:00
exploitdb
exploitdb
E107 Website System 0.7.2 Chatbox Plugin - HTML Injection
2006-02-18 00:00:00
prion
prion
Cross site scripting
2006-02-23 23:02:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
61.2%
Related for CVE-2006-0857