CVE-2006-1980

Sažetak

Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter.

Reference

http://pridels0.blogspot.com/2006/04/w2b-online-banking-vuln.html
http://secunia.com/advisories/19717
http://www.osvdb.org/24759
http://www.securityfocus.com/bid/17626
http://www.vupen.com/english/advisories/2006/1445
https://exchange.xforce.ibmcloud.com/vulnerabilities/25947

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:31

Objavljeno

21-04-2006 - 22:02