Lucene search

[email protected]NVD:CVE-2006-0857

HistoryFeb 23, 2006 - 11:02 p.m.

CVE-2006-0857

2006-02-2323:02:00

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

61.2%

JSON

Cross-site scripting (XSS) vulnerability in Chatbox Plugin 1.0 in e107 0.7.2 allows remote attackers to inject arbitrary HTML or web script via a Chatbox, as demonstrated using a SCRIPT element.

Affected configurations

Nvd

Node

e107chatbox_pluginMatch1.0

e107e107Match0.7.2

VendorProductVersionCPE
e107chatbox_plugin1.0cpe:2.3:a:e107:chatbox_plugin:1.0:*:*:*:*:*:*:*
e107e1070.7.2cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
e107	chatbox_plugin	1.0	cpe:2.3:a:e107:chatbox_plugin:1.0:::::::*
e107	e107	0.7.2	cpe:2.3:a:e107:e107:0.7.2:::::::*

References

www.securityfocus.com/archive/1/425388/100/0/threaded

www.securityfocus.com/bid/16719

exchange.xforce.ibmcloud.com/vulnerabilities/24815

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

61.2%

JSON

Related for NVD:CVE-2006-0857

cvelist1 exploitdb1 cve1 prion1