1. Home
  2. CVE Database
  3. CVE-2006-5122
MEDIUM · 4.9

CVE-2006-5122

Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" exc...

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field.

CVSS Score

4.9

MEDIUM

AV:N/AC:M/Au:S/C:P/I:P/A:N
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
HpMercury Sitescope8.2_8.1.2.0

References

FAQ

What is CVE-2006-5122?

CVE-2006-5122 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" exc...

How severe is CVE-2006-5122?

CVE-2006-5122 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-5122?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Mercury Sitescope.