CVE-2006-6159

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in DeskPRO 2.0.0 and 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) message or (2) subject parameter.

Reference

http://secunia.com/advisories/22991
http://www.osvdb.org/30671
http://www.securityfocus.com/bid/21248
http://www.vupen.com/english/advisories/2006/4676
http://www.zion-security.com/text/Mul_Vulnerability_DeskPro.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/30520

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-07-2017 - 01:29

Objavljeno

28-11-2006 - 23:28