CVE-2006-1325 - Cross-site scripting (XSS) vulnerability in Streber 0.055 allows remote attackers to inject arbitrar

CVE-2006-1325

Summary

Cross-site scripting (XSS) vulnerability in Streber 0.055 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. The vulnerability has been fixed in version 0.055 (development release).

References

http://secunia.com/advisories/19263
http://www.securityfocus.com/bid/17157
http://www.streber-pm.org/phpBB2/viewtopic.php?p=491#491
http://www.vupen.com/english/advisories/2006/1005
https://exchange.xforce.ibmcloud.com/vulnerabilities/25317

Vulnerable Configurations

cpe:2.3:a:streber:streber:*:*:*:*:*:*:*:*
cpe:2.3:a:streber:streber:*:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 20-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	17157
confirm	http://www.streber-pm.org/phpBB2/viewtopic.php?p=491#491
secunia	19263
vupen	ADV-2006-1005
xf	streber-xss(25317)

Last major update

20-07-2017 - 01:30

Published

21-03-2006 - 01:06

Last modified

20-07-2017 - 01:30