Vulnerability CVE-2006-3397
Published: 2006-07-06   Modified: 2012-02-12

Description:
Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) title and (2) description parameters when creating a task.

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Pkr internet -> Taskjitsu 

 References:
http://www.securityfocus.com/bid/18818
http://secunia.com/advisories/20912
https://www.pkrinternet.com/taskjitsu/task/3313
http://xforce.iss.net/xforce/xfdb/27533
http://www.vupen.com/english/advisories/2006/2660
http://www.pkrinternet.com/download/RELEASE-NOTES.txt
Copyright 2024, cxsecurity.com

 

Back to Top