Vulnerability Description
Cross-site scripting (XSS) vulnerability in webinsta Limbo 1.0.4.2 allows remote attackers to inject arbitrary web script or HTML via the message field in the Contact Form.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Limbo Cms | Limbo Cms | 1.0.4.2 |
References
- http://osvdb.org/ref/23/23469-limbo.txt
- http://secunia.com/advisories/18723Vendor Advisory
- http://www.osvdb.org/23469
- http://www.securityfocus.com/bid/16811
- http://www.vupen.com/english/advisories/2006/0721
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24877
- http://osvdb.org/ref/23/23469-limbo.txt
- http://secunia.com/advisories/18723Vendor Advisory
- http://www.osvdb.org/23469
- http://www.securityfocus.com/bid/16811
- http://www.vupen.com/english/advisories/2006/0721
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24877
FAQ
What is CVE-2006-0934?
CVE-2006-0934 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in webinsta Limbo 1.0.4.2 allows remote attackers to inject arbitrary web script or HTML via the message field in the Contact Form.
How severe is CVE-2006-0934?
CVE-2006-0934 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0934?
Check the references section above for vendor advisories and patch information. Affected products include: Limbo Cms Limbo Cms.