CVE-2006-0365

Published Jan 22, 2006

Last updated 4 years ago

Overview

Description: Cross-site scripting (XSS) vulnerability in XMB (aka extreme message board) allows remote attackers to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Vendor comments

XMBThis CVE is considered invalid because it provides neither a description nor a version number adequate to identity any vulnerability in XMB. Upgrades are available at https://www.xmbforum2.com/

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:xmb_software:xmb_forum:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "695C9E25-0D9D-46E4-B683-4E1553B715C3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Vendor comments

Configurations

References