CVE-2006-2851
Summary
| CVE | CVE-2006-2851 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-06 20:06:00 UTC |
| Updated | 2017-07-20 01:31:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, which are not properly handled when the client is using Internet Explorer. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dotproject | Dotproject | 2.0 | All | All | All |
| Application | Dotproject | Dotproject | 2.0.1 | All | All | All |
| Application | Dotproject | Dotproject | 2.0.2 | All | All | All |
| Application | Dotproject | Dotproject | 2.0 | All | All | All |
| Application | Dotproject | Dotproject | 2.0.1 | All | All | All |
| Application | Dotproject | Dotproject | 2.0.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SourceForge.net: dotProject: Files | CONFIRM | sourceforge.net | Patch |
| JVN#97636431: dotProject におけるクロスサイトスクリプティングの脆弱性 | JVN | jvn.jp | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| dotProject Cross-Site Scripting Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | Exploit, Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| dotProject Unspecified Cross-Site Scripting Vulnerability | BID | www.securityfocus.com | |
| JVN:JVN#97636431 | MITRE | jvn.jp | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.