Show plain JSON{"id": "CVE-2006-7023", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-02-15T02:28:00.000", "references": [{"url": "http://securityreason.com/securityalert/2251", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/436691/30/4500/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/469825/100/100/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/18361", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27167", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2251", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/436691/30/4500/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/469825/100/100/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/18361", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27167", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in fx-APP 0.0.8.1 allow remote attackers to inject arbitrary HTML or web script via (1) the search box, and the (2) url, (3) website, (4) comment, and (5) signature fields in the profile, and possibly (6) a menu item."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en fx-APP 0.0.8.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de (1) la caja de b\u00fasqueda, y los campos (2) url, (3)sitio web (website), (4) comentario (comment), y (5) firma (signature) del perfil, y posiblemente (6) un elemento de men\u00fa."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fx-app:fx-app:0.0.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EE4BD03-8E06-41D4-B572-85B34EBFF9F1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}