CVE-2006-1969

CVE-2006-1969

EPSS 1.3%

Cross-site scripting (XSS) vulnerability in search/search.cgi in an unspecified KCScripts script, probably Search Engine or Site Search, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the q parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://pridels0.blogspot.com/2006/04/portal-pack-6-xss-vuln.html http://secunia.com/advisories/19695 https://exchange.xforce.ibmcloud.com/vulnerabilities/25940 http://www.osvdb.org/24763 http://www.securityfocus.com/bid/17628 http://www.vupen.com/english/advisories/2006/1440