CVE-2006-6587

Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:23

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0177.html - Exploit () http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0177.html - Exploit
References () http://securitytracker.com/id?1017360 - () http://securitytracker.com/id?1017360 -
References () http://www.securityfocus.com/bid/21529 - () http://www.securityfocus.com/bid/21529 -
References () https://issues.apache.org/jira/browse/OFBIZ-178 - Exploit () https://issues.apache.org/jira/browse/OFBIZ-178 - Exploit
References () https://issues.apache.org/jira/browse/OFBIZ-260 - Exploit () https://issues.apache.org/jira/browse/OFBIZ-260 - Exploit

Information

Published : 2006-12-15 19:28

Updated : 2024-11-21 00:23


NVD link : CVE-2006-6587

Mitre link : CVE-2006-6587

CVE.ORG link : CVE-2006-6587


JSON object : View

Products Affected

apache

  • ofbiz