Vulnerabilities > CVE-2006-7023 - Cross-Site Scripting vulnerability in Fx-App 0.0.8.1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

fx-app

NVD

Published: 2007-02-15

Updated: 2018-10-16

Summary

Multiple cross-site scripting (XSS) vulnerabilities in fx-APP 0.0.8.1 allow remote attackers to inject arbitrary HTML or web script via (1) the search box, and the (2) url, (3) website, (4) comment, and (5) signature fields in the profile, and possibly (6) a menu item.

Vulnerable Configurations

Part	Description	Count
Application	Fx-App FX APP FX APP 0.0.8.1	1

References

http://securityreason.com/securityalert/2251
http://www.securityfocus.com/archive/1/436691/30/4500/threaded
http://www.securityfocus.com/archive/1/469825/100/100/threaded
http://www.securityfocus.com/bid/18361
https://exchange.xforce.ibmcloud.com/vulnerabilities/27167