Lucene search

[email protected]CVE-2006-1899

HistoryApr 20, 2006 - 10:02 a.m.

CVE-2006-1899

2006-04-2010:02:00

[email protected]

web.nvd.nist.gov

cve

2006

1899

cross-site scripting

xss

neuron blog

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters.

Affected configurations

NVD

Node

devneuron_blogMatch1.1

CPENameOperatorVersion
dev:neuron_blogdev neuron blogeq1.1

CPE	Name	Operator	Version
dev:neuron_blog	dev neuron blog	eq	1.1

References

secunia.com/advisories/19703

securitytracker.com/id?1015960

www.securityfocus.com/archive/1/431131/100/0/threaded

www.securityfocus.com/bid/17552

www.vupen.com/english/advisories/2006/1406

exchange.xforce.ibmcloud.com/vulnerabilities/25913

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2006-1899

nvd1 cvelist1 prion1