Vulnerabilities > CVE-2006-5717 - Cross-Site Scripting vulnerability in Zend Google Data Client Library Preview 0.2.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

zend

NVD

Published: 2006-11-04

Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Zend Google Data Client Library (ZendGData) Preview 0.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) basedemo.php and (2) calenderdemo.php in samples/, and other unspecified files.

Vulnerable Configurations

Part	Description	Count
Application	Zend Zend Zend Google Data Client Library Preview 0.2.0	1

References

http://securityreason.com/securityalert/1815
http://www.armorize.com/resources/vulnerability.php?Keyword=Armorize-ADV-2006-0008
http://www.securityfocus.com/archive/1/450245/100/0/threaded
http://www.securityfocus.com/bid/20851