CVE-2006-1761
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/04/2006
Last modified:
18/10/2018
Description
Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter, which is not sanitized in the error message. NOTE: the vector in the shard parameter is not XSS and has been assigned a separate name.
Impact
Base Score 2.0
2.60
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:blursoft:blur6ex:0.3.462:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page