Vulnerability Description
Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).
CVSS Score
9.3
HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zoid Technologies | Project Eros Bbsengine | <= 2006-06-21 |
References
- http://secunia.com/advisories/20760PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=427430&group_id=86388Patch
- http://www.securityfocus.com/bid/18627Patch
- http://www.vupen.com/english/advisories/2006/2503
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27488
- http://secunia.com/advisories/20760PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=427430&group_id=86388Patch
- http://www.securityfocus.com/bid/18627Patch
- http://www.vupen.com/english/advisories/2006/2503
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27488
FAQ
What is CVE-2006-3308?
CVE-2006-3308 is a vulnerability with a CVSS score of 9.3 (HIGH). Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).
How severe is CVE-2006-3308?
CVE-2006-3308 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3308?
Check the references section above for vendor advisories and patch information. Affected products include: Zoid Technologies Project Eros Bbsengine.