4.3
CVE-2006-1392
- EPSS 1.65%
- Veröffentlicht 26.03.2006 23:06:00
- Zuletzt bearbeitet 16.06.2026 22:22:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in the login server in University of Washington Pubcookie 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified inputs.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
University Of Washington ≫ Pubcookie Version3.0.0
University Of Washington ≫ Pubcookie Version3.1.0
University Of Washington ≫ Pubcookie Version3.1.1
University Of Washington ≫ Pubcookie Version3.2.0
University Of Washington ≫ Pubcookie Version3.2.1
University Of Washington ≫ Pubcookie Version3.2.1a
University Of Washington ≫ Pubcookie Version3.3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.65% | 0.734 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pubcookie.org/news/20060306-login-secadv.html
http://secunia.com/advisories/19348
http://www.kb.cert.org/vuls/id/337585
http://www.osvdb.org/24521
http://www.securityfocus.com/bid/17221
https://exchange.xforce.ibmcloud.com/vulnerabilities/25427