Vulnerability Description
Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users via (2) the Edit Task system, (3) the back-end Category Editor system, and (4) "Pages that display task status, email addresses, URL, customer, and project information."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pkr Internet | Taskjitsu | 2.0.3 |
References
- http://secunia.com/advisories/21242PatchVendor Advisory
- http://www.osvdb.org/27637
- http://www.pkrinternet.com/download/RELEASE-NOTES.txtURL Repurposed
- http://www.securityfocus.com/bid/19251
- http://www.vupen.com/english/advisories/2006/3058Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28178
- https://www.pkrinternet.com/taskjitsu/task/3477URL Repurposed
- http://secunia.com/advisories/21242PatchVendor Advisory
- http://www.osvdb.org/27637
- http://www.pkrinternet.com/download/RELEASE-NOTES.txtURL Repurposed
- http://www.securityfocus.com/bid/19251
- http://www.vupen.com/english/advisories/2006/3058Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28178
- https://www.pkrinternet.com/taskjitsu/task/3477URL Repurposed
FAQ
What is CVE-2006-3958?
CVE-2006-3958 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users...
How severe is CVE-2006-3958?
CVE-2006-3958 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3958?
Check the references section above for vendor advisories and patch information. Affected products include: Pkr Internet Taskjitsu.