CVE-2006-2880
Summary
| CVE | CVE-2006-2880 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-07 10:02:00 UTC |
| Updated | 2017-07-20 01:31:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the (1) url and (2) author fields. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Page not found - SourceForge.net | CONFIRM | sourceforge.net | Patch |
| PyBlosxom Contributed Packages Comments Plugin Multiple Cross-Site Scripting Vulnerabilities | BID | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| PyBlosxom Contributed Packages Cross-Site Scripting Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.