Vulnerabilities > CVE-2006-4199 - Multiple vulnerability in Soft3304 04Webserver 1.42/1.5/1.81
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
soft3304
Summary
Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page, a different vulnerability than CVE-2004-1512. This vulnerability is addressed in the following product release: Soft3304, 04WebServer, 1.84
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |