6.8
CVE-2006-6587
- EPSS 7.55%
- Veröffentlicht 15.12.2006 19:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.55% | 0.937 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0177.html
http://securitytracker.com/id?1017360
http://www.securityfocus.com/bid/21529
https://issues.apache.org/jira/browse/OFBIZ-178
https://issues.apache.org/jira/browse/OFBIZ-260