Vulnerability Description
The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepresent the contents of a web page via an arbitrary URL in the url parameter to a showhtml action for index.php, which causes the URL to be displayed within an iframe.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fx-App | Fx-App | 0.0.8.1 |
References
- http://securityreason.com/securityalert/2251
- http://www.securityfocus.com/archive/1/436691/30/4500/threaded
- http://www.securityfocus.com/bid/18361
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27180
- http://securityreason.com/securityalert/2251
- http://www.securityfocus.com/archive/1/436691/30/4500/threaded
- http://www.securityfocus.com/bid/18361
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27180
FAQ
What is CVE-2006-7022?
CVE-2006-7022 is a vulnerability with a CVSS score of 10.0 (HIGH). The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepresent the contents of a web page via an arbitrary URL in the url parameter to a showhtml action for index.php, which causes the URL...
How severe is CVE-2006-7022?
CVE-2006-7022 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-7022?
Check the references section above for vendor advisories and patch information. Affected products include: Fx-App Fx-App.