CVE-2006-6509

Published Dec 14, 2006

Last updated 6 years ago

CVSS info 4.1

Overview

Description: Cross-site scripting (XSS) vulnerability in the skinning feature in SiteKiosk before 6.5.150 allows local users to bypass security protections and inject arbitrary web script or HTML via an ABOUT: URI, which is displayed in the title bar of the browser.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.1
Impact score: 6.4
Exploitability score: 2.7
Vector string: AV:L/AC:M/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: -
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:4.9.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1D131E1-457B-4443-BA8D-A153DDA1B89A"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:4.9.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A3563DA-0211-4595-8207-1A3209F1764D"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:4.96:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F11A488-AD48-4913-A962-6CF846B3D26C"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:4.96.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "257CDE22-0AE2-4BE3-9FC3-DE1454B8810F"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:4.96.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85FDBE24-1A00-4F32-8C51-83F24678412E"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:4.97.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "880C49B6-AA89-4840-80E1-7A16BAC61F45"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C49DF177-C03A-4884-889A-B79A45C7B4D4"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F37CEB07-CBBC-445A-855A-BEE7D7F0E5B5"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C50C37F-0CA0-4DB6-BAAD-CFD1C7AA4266"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C86C5E3B-8DF8-47EA-8110-A25D211BAB8F"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C38CA94A-1173-4174-9574-F77363B1EA7F"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "425EFE9F-4084-4526-B729-AEEDC1A84FF0"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA4A23F6-B99B-4FB3-AB32-5324FAFE38B6"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.238:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A79BEB08-65F2-43C5-9481-5B4E8F775475"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.248:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FAB39B1-C586-4D7C-9F46-BCD45E13AA98"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.0.264:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC8B038C-CDDB-4D00-98A3-D0E7BD765F04"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.5.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8098958-8975-43F4-AFA8-4FD26783A26C"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.5.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76CB9672-C009-47E8-86CF-381EB13BB308"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.5.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B98FE8C-737D-4925-9586-8D7E8A264C60"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.5.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9E019C6-4C7B-41AA-9839-D970E027D5F5"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:5.5.45:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53B4FBEE-FFE8-478E-824F-73C490F09347"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:6.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E56CE520-6BB4-4B96-B4C5-4AC3500D7426"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:6.0.98_final:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25614B18-60CD-49EC-BA4B-528449BB0F90"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:6.2.51:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C47CD55-9A40-4C97-8356-3527C0377C50"
          },
          {
            "criteria": "cpe:2.3:a:sitekiosk:sitekiosk:6.5.149:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F52F2DD0-EA5A-46D7-9238-9A4D7395AD04"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References