4.9
CVE-2006-5122
- EPSS 1.15%
- Veröffentlicht 03.10.2006 04:03:00
- Zuletzt bearbeitet 16.06.2026 22:30:32
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp ≫ Mercury Sitescope Version8.2_8.1.2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.15% | 0.629 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 6.8 | 4.9 |
AV:N/AC:M/Au:S/C:P/I:P/A:N
|
http://secunia.com/advisories/22215
http://securityreason.com/securityalert/1670
http://www.securityfocus.com/archive/1/447397/100/0/threaded
http://www.securityfocus.com/bid/20275
http://www.vupen.com/english/advisories/2006/3888
https://exchange.xforce.ibmcloud.com/vulnerabilities/29295