PT-2006-4494 · Koobi · Koobi Pro Cms
Publicado
2006-07-14
·
Atualizado
2018-10-18
·
CVE-2006-3620
CVSS v2.0
2.6
Baixa
| Vetor | AV:N/AC:H/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Koobi Pro CMS version 5.6
Description
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the
toid parameter in the showtopic module.Recommendations
For Koobi Pro CMS version 5.6, avoid using the
toid parameter in the showtopic module until a fix is available. As a temporary workaround, consider restricting access to the showtopic module to minimize the risk of exploitation.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Koobi Pro Cms