CVE-2006-0938
Published Mar 1, 2006
Last updated 6 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the RefererURL parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0BB8788-83E4-48CE-A3EC-52AE557F7231",
"versionEndIncluding": "3.7.3"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.4.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "424D0A1C-18CC-4648-B621-ABEE39475427"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA4CD0FB-13BD-4DDB-B82C-7204206F764F"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE243CE3-75E4-4C29-BF80-30FEB6321BC2"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "504FCE83-4801-4ACC-81DF-402841B2B121"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C62DE22-8ABC-4A27-86FD-D045887C1867"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EACF1838-EC9B-45EA-A5D0-0252E4E54F4F"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B14B2E33-CB8C-4F40-B7D1-3FE67E9D6D1F"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E163DA2F-053F-4D9F-B793-9A2B70ADE342"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECA5BE97-28F9-4DEE-BAB3-093D6F35F730"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6035B56A-94C9-4131-9C49-3EE37DCE23A7"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6F8F2AC-AB82-4925-91D2-A6DE65E4A4FD"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A84C0A8-C576-4233-BC05-30CA56A41FCD"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDF55F25-B30D-4FC9-ADA7-7F185CD5338F"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CC77C98-2C37-49CE-AFB4-49D84BEC78FE"
},
{
"criteria": "cpe:2.3:a:ez:ez_publish:3.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "568B3930-DDA1-4582-B1E8-BA4B4E83E49B"
}
],
"operator": "OR"
}
]
}
]