CVE-2006-6600

2006-12-1522:00:00

mitre

www.cve.org

cve-2006-6600

xss

dir.php

AI Score

5.7

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

secunia.com/advisories/23270