CVE-2006-1414

Опубликовано: 28 мар. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in Toast Forums 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) author, (2) subject, (3) message, or (4) dayprune parameter.

Ссылки

http://pridels0.blogspot.com/2006/03/xss-in-toast-forums-16.html
http://secunia.com/advisories/19401
Exploit
Vendor Advisory
http://www.osvdb.org/24119
Vendor Advisory
http://www.securityfocus.com/bid/17249
Exploit
http://www.vupen.com/english/advisories/2006/1092
https://exchange.xforce.ibmcloud.com/vulnerabilities/25440
http://pridels0.blogspot.com/2006/03/xss-in-toast-forums-16.html
http://secunia.com/advisories/19401
Exploit
Vendor Advisory
http://www.osvdb.org/24119
Vendor Advisory
http://www.securityfocus.com/bid/17249
Exploit
http://www.vupen.com/english/advisories/2006/1092
https://exchange.xforce.ibmcloud.com/vulnerabilities/25440

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:toast_forums:toast_forums:1.6:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00809

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-qr5f-cq65-rfqh

github

почти 4 года назад