CVE-2006-0140

Опубликовано: 09 янв. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in post.php in NavBoard V16 Stable(2.6.0) and V17beta2 allows remote attackers to inject arbitrary web script or HTML via the (1) b, (2) textlarge, and (3) url bbcode tags.

Ссылки

http://evuln.com/vulns/19/summary.html
Exploit
Vendor Advisory
http://secunia.com/advisories/18345
Exploit
Vendor Advisory
http://www.osvdb.org/22277
http://www.securityfocus.com/archive/1/421149/100/0/threaded
http://www.securityfocus.com/bid/16165
http://www.vupen.com/english/advisories/2006/0092
https://exchange.xforce.ibmcloud.com/vulnerabilities/24021
http://evuln.com/vulns/19/summary.html
Exploit
Vendor Advisory
http://secunia.com/advisories/18345
Exploit
Vendor Advisory
http://www.osvdb.org/22277
http://www.securityfocus.com/archive/1/421149/100/0/threaded
http://www.securityfocus.com/bid/16165
http://www.vupen.com/english/advisories/2006/0092
https://exchange.xforce.ibmcloud.com/vulnerabilities/24021

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:navboard:navboard:16:*:*:*:*:*:*:*

cpe:2.3:a:navboard:navboard:17:beta2:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00731

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-wf2w-6j5g-f5fw

github

почти 4 года назад