CVE-2006-2874

Published Jun 6, 2006

Last updated 7 years ago

Overview

Description: Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a "Security Leak to lock in HTML-Code," possibly due to a cross-site scripting (XSS) vulnerability involving comments.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:osads_alliance_database:osads_alliance_database:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AF39097-39DF-4F37-A650-28F4CE5D5F28"
          },
          {
            "criteria": "cpe:2.3:a:osads_alliance_database:osads_alliance_database:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23A6AE3D-ECEC-42E7-8E52-1F7A30D3BF44"
          },
          {
            "criteria": "cpe:2.3:a:osads_alliance_database:osads_alliance_database:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45299E47-1CCC-4C97-8D09-89480A9D3A1D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References