CVE-2006-6968

Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum before 5.1.19 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS v2.0 5.8 MEDIUM

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://osvdb.org/34729
http://www.phorum.org/phorum5/read.php?12%2C119757
http://www.vupen.com/english/advisories/2007/0410
http://osvdb.org/34729
http://www.phorum.org/phorum5/read.php?12%2C119757
http://www.vupen.com/english/advisories/2007/0410

Configurations

Configuration 1 (hide)

cpe:2.3:a:phorum:phorum:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:24

Type	Values Removed	Values Added
References	~~() http://osvdb.org/34729 -~~	() http://osvdb.org/34729 -
References	~~() http://www.phorum.org/phorum5/read.php?12%2C119757 -~~	() http://www.phorum.org/phorum5/read.php?12%2C119757 -
References	~~() http://www.vupen.com/english/advisories/2007/0410 -~~	() http://www.vupen.com/english/advisories/2007/0410 -

Information

Published : 2007-02-06 02:28

Updated : 2024-11-21 00:24

NVD link : CVE-2006-6968

Mitre link : CVE-2006-6968

CVE.ORG link : CVE-2006-6968

JSON object : View

Products Affected

phorum

phorum

CWE

NVD-CWE-Other

5.8 /10