2.6
CVE-2006-0770
- EPSS 0.41%
- Published 18.02.2006 21:02:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Data is provided by the National Vulnerability Database (NVD)
Mybulletinboard ≫ Mybulletinboard Version1.0.1
Mybulletinboard ≫ Mybulletinboard Version1.0.2
Mybulletinboard ≫ Mybulletinboard Version1.0.3
Mybulletinboard ≫ Mybulletinboard Version1.0.4
Mybulletinboard ≫ Mybulletinboard Version1.0_final
Mybulletinboard ≫ Mybulletinboard Version1.0_pr2
Mybulletinboard ≫ Mybulletinboard Version1.0_preview_release_2
Mybulletinboard ≫ Mybulletinboard Version1.0_rc2
Mybulletinboard ≫ Mybulletinboard Version1.0_rc4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.583 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|