Vulnerability Description
Cross-site scripting (XSS) vulnerability in the show_recent_searches function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to inject arbitrary web script or HTML via the srch variable.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Web-App.Net | Webapp | All versions |
References
- http://www.web-app.net/cgi-bin/index.cgi?action=downloadinfo&cat=security&id=1
- http://www.web-app.net/cgi-bin/index.cgi?action=redirectd&cat=security&id=1
- http://www.web-app.net/cgi-bin/index.cgi?action=downloadinfo&cat=security&id=1
- http://www.web-app.net/cgi-bin/index.cgi?action=redirectd&cat=security&id=1
FAQ
What is CVE-2006-7187?
CVE-2006-7187 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the show_recent_searches function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to inject arbitrary web script...
How severe is CVE-2006-7187?
CVE-2006-7187 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-7187?
Check the references section above for vendor advisories and patch information. Affected products include: Web-App.Net Webapp.