6.8
CVE-2006-7125
- EPSS 1.18%
- Veröffentlicht 06.03.2007 01:19:00
- Zuletzt bearbeitet 16.06.2026 22:34:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled when the administrator views site statistics.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Joomla ≫ Bsq Sitestats Version1.8.0
Joomla ≫ Bsq Sitestats Version2.1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.18% | 0.637 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://secunia.com/secunia_research/2006-65/advisory/
http://www.securityfocus.com/archive/1/449125/100/0/threaded
http://www.securityfocus.com/bid/20614
http://www.vupen.com/english/advisories/2006/4090
https://exchange.xforce.ibmcloud.com/vulnerabilities/29661