ID |
CVE-2006-0984
|
Summary |
Cross-site scripting (XSS) vulnerability in inc_header.php in EJ3 TOPo 2.2.178 allows remote attackers to inject arbitrary web script or HTML via the gTopNombre parameter. This vulnerability affects EJ3, TOPo version 2.2.178, and possibly all previous versions. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.3 (as of 18-10-2018 - 16:30) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
refmap
via4
|
bid | 16879 | bugtraq | 20060228 EJ3 TOPo - Cross Site Scripting Vulnerability | osvdb | 23541 | secunia | 19070 | sreason | 511 | vupen | ADV-2006-0775 | xf | topo-incheader-xss(24980) |
|
Last major update |
18-10-2018 - 16:30 |
Published |
03-03-2006 - 11:02 |
Last modified |
18-10-2018 - 16:30 |