CVE-2006-5122

{"id": "CVE-2006-5122", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-10-03T04:03:00.000", "references": [{"url": "http://secunia.com/advisories/22215", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1670", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/447397/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/20275", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3888", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29295", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/22215", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/1670", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/447397/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/20275", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/3888", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29295", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) \"any field create name field\" except \"create new group name\" or (2) any description field."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en ercury SiteScope 8.2 (8.1.2.0) permite a un usuario validado inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de (1)\"cualquier campo crea un campo conocido\" excepto \"crear nuevo nombre ed grupo\" o (2) cualquier descripci\u00f3n de campo."}], "lastModified": "2024-11-21T00:17:57.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:mercury_sitescope:8.2_8.1.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4131AC50-8F4D-45BC-95D7-0B1D8A4B9D3C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}