Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) title and (2) description parameters when creating a task.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pkr Internet | Taskjitsu | 0.1 |
References
- http://secunia.com/advisories/20912PatchVendor Advisory
- http://www.pkrinternet.com/download/RELEASE-NOTES.txtURL Repurposed
- http://www.securityfocus.com/bid/18818Patch
- http://www.vupen.com/english/advisories/2006/2660
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27533
- https://www.pkrinternet.com/taskjitsu/task/3313URL Repurposed
- http://secunia.com/advisories/20912PatchVendor Advisory
- http://www.pkrinternet.com/download/RELEASE-NOTES.txtURL Repurposed
- http://www.securityfocus.com/bid/18818Patch
- http://www.vupen.com/english/advisories/2006/2660
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27533
- https://www.pkrinternet.com/taskjitsu/task/3313URL Repurposed
FAQ
What is CVE-2006-3397?
CVE-2006-3397 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) title...
How severe is CVE-2006-3397?
CVE-2006-3397 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3397?
Check the references section above for vendor advisories and patch information. Affected products include: Pkr Internet Taskjitsu.