CVE-2006-4088

Medium

4.3/10

Summary

Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace 0.8.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject, (2) Comment, and (3) Add new comment sections.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Aug 11, 2006

CVE-2006-4088

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS