Lucene search

K

MitreCVELIST:CVE-2006-0254

HistoryJan 18, 2006 - 2:00 a.m.

CVE-2006-0254

2006-01-1802:00:00

mitre

www.cve.org

1

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.

References

issues.apache.org/jira/browse/GERONIMO-1474

rhn.redhat.com/errata/RHSA-2008-0630.html

secunia.com/advisories/18485

secunia.com/advisories/31493

www.oliverkarow.de/research/geronimo_css.txt

www.redhat.com/support/errata/RHSA-2008-0261.html

www.securityfocus.com/archive/1/421996/100/0/threaded

www.securityfocus.com/bid/16260

www.vupen.com/english/advisories/2006/0217

exchange.xforce.ibmcloud.com/vulnerabilities/24158

exchange.xforce.ibmcloud.com/vulnerabilities/24159

issues.apache.org/jira/secure/ReleaseNote.jspa?version=12310181&styleName=Html&projectId=10220&Create=Create

7.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

Related for CVELIST:CVE-2006-0254

nvd2 nessus4 cve2 prion1 osv2 github2 cvelist1 ubuntucve1 redhat4 ibm1