Vulnerabilities > CVE-2006-1041 - Input Validation vulnerability in Gregarius 0.5.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
gregarius
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |