CVE-2006-6211

2006-12-0101:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.022

Percentile

89.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to (a) admin/admincore.php, the (2) month parameter to (b) admin/comments.php or © admin/entries.php, or the (3) page parameter to (d) admin/logs.php, different vectors than CVE-2006-5064.

References

securityreason.com/securityalert/1945

www.securityfocus.com/archive/1/452084/100/200/threaded

www.securityfocus.com/bid/21184

exchange.xforce.ibmcloud.com/vulnerabilities/30428