CVE-2006-1392

CVE-2006-1392

EPSS 1.7%

Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in the login server in University of Washington Pubcookie 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified inputs.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://pubcookie.org/news/20060306-login-secadv.html http://secunia.com/advisories/19348 https://exchange.xforce.ibmcloud.com/vulnerabilities/25427 http://www.kb.cert.org/vuls/id/337585 http://www.osvdb.org/24521 http://www.securityfocus.com/bid/17221