4.3
CVE-2006-4206
- EPSS 16.91%
- Veröffentlicht 17.08.2006 21:04:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in calendar.asp in ASPPlayground.NET Forum Advanced Edition 2.4.5 Unicode, and possibly other versions before October 15, 2006, allows remote attackers to inject arbitrary web script or HTML via the calendarID parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Aspplayground.Net ≫ Aspplayground.Net Version2.4.5 Editionadvanced_and_unicode
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 16.91% | 0.947 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|