Vulnerabilities > CVE-2006-2290 - Cross-Site Scripting vulnerability in XN--Gol-kma 2005-Comments-Script Komentare.PHP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
www-goel-ch
Summary
Multiple cross-site scripting (XSS) vulnerabilities in kommentar.php in 2005-Comments-Script allow remote attackers to inject arbitrary web script or HTML via the (1) id, (2) email, and (3) url parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |