CVE-2006-2524

Опубликовано: 22 мая 2006

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in UseBB 1.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when processing the user date format.

Ссылки

http://secunia.com/advisories/20187
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=418462&group_id=93103
Patch
http://www.osvdb.org/25684
http://www.usebb.net/community/topic.php?id=1130
Patch
http://www.vupen.com/english/advisories/2006/1900
https://exchange.xforce.ibmcloud.com/vulnerabilities/26600
http://secunia.com/advisories/20187
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=418462&group_id=93103
Patch
http://www.osvdb.org/25684
http://www.usebb.net/community/topic.php?id=1130
Patch
http://www.vupen.com/english/advisories/2006/1900
https://exchange.xforce.ibmcloud.com/vulnerabilities/26600

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:usebb:usebb:1.0_rc1:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01631

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p4g9-3ph6-p8j6

github

почти 4 года назад