6.8
CVE-2006-6503
- EPSS 10.29%
- Published 20.12.2006 01:28:00
- Last modified 09.04.2025 00:30:58
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.
Data is provided by the National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version < 1.5.0.9
Debian ≫ Debian Linux Version3.1
Debian ≫ Debian Linux Version4.0
Canonical ≫ Ubuntu Linux Version5.10
Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts
Canonical ≫ Ubuntu Linux Version6.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.29% | 0.929 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|