Vulnerability Description
Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page, a different vulnerability than CVE-2004-1512.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Soft3304 | 04Webserver | <= 1.83 |
References
- http://secunia.com/advisories/21504PatchVendor Advisory
- http://www.securityfocus.com/bid/19496Patch
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28354
- http://secunia.com/advisories/21504PatchVendor Advisory
- http://www.securityfocus.com/bid/19496Patch
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28354
FAQ
What is CVE-2006-4199?
CVE-2006-4199 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it ...
How severe is CVE-2006-4199?
CVE-2006-4199 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4199?
Check the references section above for vendor advisories and patch information. Affected products include: Soft3304 04Webserver.