Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in zones.php in Inprotect 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Description field. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Inprotect | Inprotect | <= 0.21 |
References
- http://secunia.com/advisories/19248Vendor Advisory
- http://www.osvdb.org/23936
- http://www.securityfocus.com/bid/17141
- http://www.vupen.com/english/advisories/2006/0970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25280
- http://secunia.com/advisories/19248Vendor Advisory
- http://www.osvdb.org/23936
- http://www.securityfocus.com/bid/17141
- http://www.vupen.com/english/advisories/2006/0970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25280
FAQ
What is CVE-2006-1270?
CVE-2006-1270 is a vulnerability with a CVSS score of 3.5 (LOW). Multiple cross-site scripting (XSS) vulnerabilities in zones.php in Inprotect 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Description field. NOTE: the p...
How severe is CVE-2006-1270?
CVE-2006-1270 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1270?
Check the references section above for vendor advisories and patch information. Affected products include: Inprotect Inprotect.