CVE-2006-6844

Опубликовано: 31 дек. 2006

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form.

Ссылки

http://securityreason.com/securityalert/2087
http://securitytracker.com/id?1017445
Exploit
http://www.l0j1k.com/security/CMSMadeSimple_1.0.2_25Dec06.txt
Exploit
http://www.securityfocus.com/archive/1/455306/100/0/threaded
http://www.securityfocus.com/bid/21756
http://securityreason.com/securityalert/2087
http://securitytracker.com/id?1017445
Exploit
http://www.l0j1k.com/security/CMSMadeSimple_1.0.2_25Dec06.txt
Exploit
http://www.securityfocus.com/archive/1/455306/100/0/threaded
http://www.securityfocus.com/bid/21756

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01255

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5v2q-43hm-gx3r

github

почти 4 года назад