4.3
CVE-2006-0735
- EPSS 12.11%
- Veröffentlicht 16.02.2006 11:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fuzzymonkey ≫ My Blog Version1.0
Fuzzymonkey ≫ My Blog Version1.2
Fuzzymonkey ≫ My Blog Version1.3
Fuzzymonkey ≫ My Blog Version1.4
Fuzzymonkey ≫ My Blog Version1.5
Fuzzymonkey ≫ My Blog Version1.6
Fuzzymonkey ≫ My Blog Version1.21
Fuzzymonkey ≫ My Blog Version1.22
Fuzzymonkey ≫ My Blog Version1.23
Fuzzymonkey ≫ My Blog Version1.31
Fuzzymonkey ≫ My Blog Version1.51
Fuzzymonkey ≫ My Blog Version1.52
Fuzzymonkey ≫ My Blog Version1.61
Fuzzymonkey ≫ My Blog Version1.62
Fuzzymonkey ≫ My Blog Version1.63
Fuzzymonkey ≫ My Blog Version1.64
M Blom ≫ Html-bbcode Version1.03
M Blom ≫ Html-bbcode Version1.04
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 12.11% | 0.935 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|