Vulnerabilities > CVE-2006-4317 - HTML Injection vulnerability in Woltlab Burning Board 2.3.5
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
woltlab
Summary
Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allows remote attackers to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |