Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2006-5453

Date: October 23, 2006

Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in global/header.html.tmpl, (2) description fields of certain items in various edit cgi scripts, and (3) the id parameter in showdependencygraph.cgi.

Severity Score

Related Resources (22)

http://security.gentoo.org/glsa/glsa-200611-04.xml
http://www.vupen.com/english/advisories/2006/4035
https://bugzilla.mozilla.org/show_bug.cgi?id=206037
http://secunia.com/advisories/22409
http://www.securityfocus.com/bid/20538
http://secunia.com/advisories/22826
http://www.bugzilla.org/security/2.18.5/
http://www.osvdb.org/29549
https://people.canonical.com/~ubuntu-security/cve/CVE-2006-5453
https://exchange.xforce.ibmcloud.com/vulnerabilities/29619
https://bugzilla.mozilla.org/show_bug.cgi?id=330555
https://nvd.nist.gov/vuln/detail/CVE-2006-5453
https://bugzilla.mozilla.org/show_bug.cgi?id=355728
http://www.debian.org/security/2006/dsa-1208
https://exchange.xforce.ibmcloud.com/vulnerabilities/29610
http://securityreason.com/securityalert/1760
http://securitytracker.com/id?1017063
http://www.securityfocus.com/archive/1/448777/100/100/threaded
http://www.osvdb.org/29545
http://www.osvdb.org/29544
http://secunia.com/advisories/22790
https://www.mend.io/vulnerability-database/CVE-2006-5453

Severity Score

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): SINGLE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us