PT-2006-5667 · Innovate · Innovate Portal

Meto5757

Published

2006-09-21

Updated

2018-10-17

CVE-2006-4915

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Innovate Portal version 2.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the content parameter in the "index.php" file.

Recommendations For Innovate Portal version 2.0, avoid using the content parameter in the index.php file until a fix is available. As a temporary workaround, consider validating and sanitizing all user input to prevent malicious script injection.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4915

Affected Products

Innovate Portal

PT-2006-5667 · Innovate · Innovate Portal

CVE-2006-4915

Related Identifiers

Affected Products

References · 6