2.6

CVE-2006-3841

EPSS 0.56%
Published 25.07.2006 23:04:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft Internet Explorer 6 SP2 or Konqueror 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the URL, which is not sanitized before being returned in an error message when WebScarab is not able to access the URL.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Owasp ≫ Webscarab Version2006-06-21

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.56%	0.671

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N

http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047995.html

http://moritz-naumann.com/adv/0012/webscarabxss/0012.txt

Patch

http://secunia.com/advisories/21114

Patch

Vendor Advisory

http://securityreason.com/securityalert/1276

http://www.securityfocus.com/archive/1/440441/100/0/threaded

http://www.securityfocus.com/bid/19063

http://www.vupen.com/english/advisories/2006/2878

https://exchange.xforce.ibmcloud.com/vulnerabilities/27797

https://nvd.nist.gov/vuln/detail/CVE-2006-3841

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3841

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3841

EUVD