CVE-2006-0172

Опубликовано: 11 янв. 2006

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting.

Ссылки

http://secunia.com/advisories/18411
Vendor Advisory
http://www.securenetwork.it/advisories/sn-2006-01.html
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/421392/100/0/threaded
http://www.securityfocus.com/bid/16195
Exploit
http://www.vupen.com/english/advisories/2006/0145
https://exchange.xforce.ibmcloud.com/vulnerabilities/24067
http://secunia.com/advisories/18411
Vendor Advisory
http://www.securenetwork.it/advisories/sn-2006-01.html
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/421392/100/0/threaded
http://www.securityfocus.com/bid/16195
Exploit
http://www.vupen.com/english/advisories/2006/0145
https://exchange.xforce.ibmcloud.com/vulnerabilities/24067

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hummingbird:enterprise_collaboration:*:*:*:*:*:*:*:*

Версия до 5.21 (включая)

cpe:2.3:a:hummingbird:enterprise_collaboration:5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00475

Низкий

3.5 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wgvx-2h9f-r433

github

почти 4 года назад