Vulnerabilities > CVE-2006-3820 - Cross-Site Scripting vulnerability in Gerrit Van Aaken Loudblog

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

gerrit-van-aaken

NVD

Published: 2006-07-25

Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

Vulnerable Configurations

Part	Description	Count
Application	Gerrit_Van_Aaken Gerrit VAN Aaken Loudblog 0.1 Gerrit VAN Aaken Loudblog 0.2 Gerrit VAN Aaken Loudblog 0.3 Gerrit VAN Aaken Loudblog 0.4 Gerrit VAN Aaken Loudblog 0.41	5

References

http://loudblog.de/forum/viewtopic.php?id=756
http://secunia.com/advisories/21098
http://www.securesky-tech.com/
http://www.securityfocus.com/bid/19082
http://www.vupen.com/english/advisories/2006/2901
https://exchange.xforce.ibmcloud.com/vulnerabilities/27849