CVE-2006-1820

Опубликовано: 18 апр. 2006

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability.

Ссылки

http://secunia.com/advisories/19645
http://securitytracker.com/id?1015940
http://www.securityfocus.com/archive/1/431010/100/0/threaded
http://www.securityfocus.com/bid/17533
Exploit
http://www.vupen.com/english/advisories/2006/1383
https://exchange.xforce.ibmcloud.com/vulnerabilities/25894
http://secunia.com/advisories/19645
http://securitytracker.com/id?1015940
http://www.securityfocus.com/archive/1/431010/100/0/threaded
http://www.securityfocus.com/bid/17533
Exploit
http://www.vupen.com/english/advisories/2006/1383
https://exchange.xforce.ibmcloud.com/vulnerabilities/25894

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:modxcms:modxcms:0.9.1:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00622

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-cfmw-xxwj-hrcv

github

почти 4 года назад