var-200604-0266
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095. CiscoWorks Wireless LAN Solution Engine (WLSE) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal JSP session cookie-based authentication credentials and launch other attacks. CiscoWorks WLSE is the centralized system-level application for managing and controlling the entire autonomous Cisco WLAN infrastructure. There is a vulnerability in the implementation of the CiscoWorks WLSE configuration management script. Attackers may exploit this vulnerability to obtain sensitive information. The "displayMsg" parameter in /wlse/configure/archive/archiveApplyDisplay.jsp in WLSE devices can lead to a cross-site scripting vulnerability.
This is related to vulnerability #2 in: SA19736
SOLUTION: Apply fixes.
Cisco URT: Update to version 2.5.5(A1) for the URT appliance. http://www.cisco.com/pcgi-bin/tablebuild.pl/urt-3des
Cisco HSE: Apply HSE-PSIRT1 patch.
1) Input passed to the "displayMsg" parameter in "/wlse/configure/archive/archiveApplyDisplay.jsp" in the WLSE appliance web interface is not properly sanitised before being returned to users.
2) Several errors in the "show" CLI application can be exploited to gain a shell account with root privileges from the command line interface.
SOLUTION: Update to version 2.13 or later. http://www.cisco.com/pcgi-bin/tablebuild.pl/wlan-sol-eng
PROVIDED AND/OR DISCOVERED BY: Adam Pointon, Assurance.
The vendor also credits Mathieu Pepin for reporting the second vulnerability.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml http://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtml
Assurance: http://www.assurance.com.au/advisories/200604-cisco.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.11"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.13"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.12"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.10"
},
{
"model": "wireless lan solution engine express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11302.0.5"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11302.0.2"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11302.0"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11052.5"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11052.0.2"
},
{
"model": "wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11052.0"
},
{
"model": "wireless lan solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wireless lan solution engine express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.13"
},
{
"model": "wireless lan solution engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.13"
}
],
"sources": [
{
"db": "BID",
"id": "17604"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
},
{
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adam Pointon http://www.assurance.com.au/",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1960",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2006-1960",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-18068",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-1960",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-405",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-18068",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18068"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
},
{
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095. CiscoWorks Wireless LAN Solution Engine (WLSE) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal JSP session cookie-based authentication credentials and launch other attacks. CiscoWorks WLSE is the centralized system-level application for managing and controlling the entire autonomous Cisco WLAN infrastructure. There is a vulnerability in the implementation of the CiscoWorks WLSE configuration management script. Attackers may exploit this vulnerability to obtain sensitive information. The \"displayMsg\" parameter in /wlse/configure/archive/archiveApplyDisplay.jsp in WLSE devices can lead to a cross-site scripting vulnerability. \n\nThis is related to vulnerability #2 in:\nSA19736\n\nSOLUTION:\nApply fixes. \n\nCisco URT:\nUpdate to version 2.5.5(A1) for the URT appliance. \nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/urt-3des\n\nCisco HSE:\nApply HSE-PSIRT1 patch. \n\n1) Input passed to the \"displayMsg\" parameter in\n\"/wlse/configure/archive/archiveApplyDisplay.jsp\" in the WLSE\nappliance web interface is not properly sanitised before being\nreturned to users. \n\n2) Several errors in the \"show\" CLI application can be exploited to\ngain a shell account with root privileges from the command line\ninterface. \n\nSOLUTION:\nUpdate to version 2.13 or later. \nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/wlan-sol-eng\n\nPROVIDED AND/OR DISCOVERED BY:\nAdam Pointon, Assurance. \n\nThe vendor also credits Mathieu Pepin for reporting the second\nvulnerability. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml\nhttp://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtml\n\nAssurance:\nhttp://www.assurance.com.au/advisories/200604-cisco.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1960"
},
{
"db": "BID",
"id": "17604"
},
{
"db": "VULHUB",
"id": "VHN-18068"
},
{
"db": "PACKETSTORM",
"id": "45617"
},
{
"db": "PACKETSTORM",
"id": "45615"
}
],
"trust": 1.44
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-18068",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18068"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "17604",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "19736",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1015965",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "24812",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2006-1960",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1434",
"trust": 1.7
},
{
"db": "BUGTRAQ",
"id": "20060419 RE: MULTIPLE VULNERABILITIES IN LINUX BASED CISCO PRODUCTS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060419 MULTIPLE VULNERABILITIES IN LINUX BASED CISCO PRODUCTS",
"trust": 0.6
},
{
"db": "XF",
"id": "25883",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20060419 MULTIPLE VULNERABILITIES IN THE WLSE APPLIANCE",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200604-405",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "27684",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-81283",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-18068",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "19741",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45617",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45615",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18068"
},
{
"db": "BID",
"id": "17604"
},
{
"db": "PACKETSTORM",
"id": "45617"
},
{
"db": "PACKETSTORM",
"id": "45615"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
},
{
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"id": "VAR-200604-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-18068"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:15:16.053000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml"
},
{
"trust": 1.8,
"url": "http://www.assurance.com.au/advisories/200604-cisco.txt"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/17604"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/24812"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015965"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19736"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/431371/30/5490/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/431367/30/5490/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1434"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25883"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1434"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/25883"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/431371/30/5490/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/431367/30/5490/threaded"
},
{
"trust": 0.5,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/voicesw/ps4625/index.html"
},
{
"trust": 0.3,
"url": "/archive/1/431371"
},
{
"trust": 0.3,
"url": "/archive/1/431367"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/19736/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19741/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/1105-host-sol"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9457/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/urt-3des"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2186/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2187/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/wlan-sol-eng"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18068"
},
{
"db": "BID",
"id": "17604"
},
{
"db": "PACKETSTORM",
"id": "45617"
},
{
"db": "PACKETSTORM",
"id": "45615"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
},
{
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-18068"
},
{
"db": "BID",
"id": "17604"
},
{
"db": "PACKETSTORM",
"id": "45617"
},
{
"db": "PACKETSTORM",
"id": "45615"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
},
{
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-21T00:00:00",
"db": "VULHUB",
"id": "VHN-18068"
},
{
"date": "2006-04-19T00:00:00",
"db": "BID",
"id": "17604"
},
{
"date": "2006-04-25T22:06:23",
"db": "PACKETSTORM",
"id": "45617"
},
{
"date": "2006-04-25T22:06:23",
"db": "PACKETSTORM",
"id": "45615"
},
{
"date": "2006-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-405"
},
{
"date": "2006-04-21T10:02:00",
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-18068"
},
{
"date": "2006-04-19T00:00:00",
"db": "BID",
"id": "17604"
},
{
"date": "2006-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-405"
},
{
"date": "2024-11-21T00:10:11.627000",
"db": "NVD",
"id": "CVE-2006-1960"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco WLSE archiveApplyDisplay.jsp Cross-site scripting vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "45615"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-405"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…