| |
Vulnerability CVE-2006-1810
Published: 2006-04-18 Modified: 2012-02-12
| Description: |
Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the (1) ICQ, (2) AIM, (3) MSN, (4) Google Talk, (5) Website Name, (6) Website Address, (7) Email Address, (8) Location, (9) Signature, and (10) Sub-Titles fields in the user profile. |
Type:
CWE-Other
CVSS2 => (AV:L/AC:M/Au:N/C:N/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
1.9/10 |
2.9/10 |
3.4/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
http://www.securityfocus.com/archive/1/431121/100/0/threaded
http://www.securityfocus.com/bid/17539
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
