2.6

CVE-2006-3841

EPSS 0.56%
Veröffentlicht 25.07.2006 23:04:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft Internet Explorer 6 SP2 or Konqueror 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the URL, which is not sanitized before being returned in an error message when WebScarab is not able to access the URL.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Owasp ≫ Webscarab Version2006-06-21

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.56%	0.671

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N

http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047995.html

http://moritz-naumann.com/adv/0012/webscarabxss/0012.txt

Patch

http://secunia.com/advisories/21114

Patch

Vendor Advisory

http://securityreason.com/securityalert/1276

http://www.securityfocus.com/archive/1/440441/100/0/threaded

http://www.securityfocus.com/bid/19063

http://www.vupen.com/english/advisories/2006/2878

https://exchange.xforce.ibmcloud.com/vulnerabilities/27797

https://nvd.nist.gov/vuln/detail/CVE-2006-3841

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3841

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3841

EUVD