CVE-2006-2851

2006-06-0620:03:00

mitre

www.cve.org

AI Score

5.6

Confidence

High

EPSS

0.004

Percentile

74.1%

JSON

Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, which are not properly handled when the client is using Internet Explorer.

References

jvn.jp/jp/JVN%2397636431/index.html

secunia.com/advisories/20418

sourceforge.net/project/shownotes.php?release_id=422371

www.securityfocus.com/bid/18275

www.vupen.com/english/advisories/2006/2124

exchange.xforce.ibmcloud.com/vulnerabilities/26904