CVE-2006-0938

Published Mar 1, 2006

Last updated 3 months ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the RefererURL parameter.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0BB8788-83E4-48CE-A3EC-52AE557F7231",
            "versionEndIncluding": "3.7.3"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "424D0A1C-18CC-4648-B621-ABEE39475427"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA4CD0FB-13BD-4DDB-B82C-7204206F764F"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE243CE3-75E4-4C29-BF80-30FEB6321BC2"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "504FCE83-4801-4ACC-81DF-402841B2B121"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C62DE22-8ABC-4A27-86FD-D045887C1867"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EACF1838-EC9B-45EA-A5D0-0252E4E54F4F"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B14B2E33-CB8C-4F40-B7D1-3FE67E9D6D1F"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E163DA2F-053F-4D9F-B793-9A2B70ADE342"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECA5BE97-28F9-4DEE-BAB3-093D6F35F730"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6035B56A-94C9-4131-9C49-3EE37DCE23A7"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6F8F2AC-AB82-4925-91D2-A6DE65E4A4FD"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A84C0A8-C576-4233-BC05-30CA56A41FCD"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDF55F25-B30D-4FC9-ADA7-7F185CD5338F"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CC77C98-2C37-49CE-AFB4-49D84BEC78FE"
          },
          {
            "criteria": "cpe:2.3:a:ez:ez_publish:3.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "568B3930-DDA1-4582-B1E8-BA4B4E83E49B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References