CVE-2006-3841

2006-07-2523:00:00

mitre

www.cve.org

5.6 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft Internet Explorer 6 SP2 or Konqueror 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the URL, which is not sanitized before being returned in an error message when WebScarab is not able to access the URL.

References

lists.grok.org.uk/pipermail/full-disclosure/2006-July/047995.html

moritz-naumann.com/adv/0012/webscarabxss/0012.txt

secunia.com/advisories/21114

securityreason.com/securityalert/1276

www.securityfocus.com/archive/1/440441/100/0/threaded

www.securityfocus.com/bid/19063

www.vupen.com/english/advisories/2006/2878

exchange.xforce.ibmcloud.com/vulnerabilities/27797