← back
CVE-2006-0204

CVE-2006-0204

EPSS 1.4%
Multiple cross-site scripting (XSS) vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via (1) the "Course name" field in index.php when the frm parameter has the value "mine" and (2) possibly certain other fields in unspecified scripts.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://evuln.com/vulns/28/summary.htmlhttp://secunia.com/advisories/18440http://securityreason.com/securityalert/345https://exchange.xforce.ibmcloud.com/vulnerabilities/24106http://www.osvdb.org/22359http://www.securityfocus.com/archive/1/421746/100/0/threadedhttp://www.securityfocus.com/bid/16227http://www.vupen.com/english/advisories/2006/0185