CVE-2006-6159

CVE-2006-6159

EPSS 1.4%

Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in DeskPRO 2.0.0 and 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) message or (2) subject parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/22991 https://exchange.xforce.ibmcloud.com/vulnerabilities/30520 http://www.osvdb.org/30671 http://www.securityfocus.com/bid/21248 http://www.vupen.com/english/advisories/2006/4676 http://www.zion-security.com/text/Mul_Vulnerability_DeskPro.txt