| Vulnerability Name: | CVE-2006-5717 (CCN-30177) | ||||||||
| Assigned: | 2006-10-31 | ||||||||
| Published: | 2006-10-31 | ||||||||
| Updated: | 2018-10-17 | ||||||||
| Summary: | Multiple cross-site scripting (XSS) vulnerabilities in Zend Google Data Client Library (ZendGData) Preview 0.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) basedemo.php and (2) calenderdemo.php in samples/, and other unspecified files. | ||||||||
| CVSS v3 Severity: | 4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:U/RC:UR)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:H/RL:U/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Oct 31 2006 - 22:17:05 CST Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0 Source: MITRE Type: CNA CVE-2006-5717 Source: SREASON Type: UNKNOWN 1815 Source: MISC Type: UNKNOWN http://www.armorize.com/resources/vulnerability.php?Keyword=Armorize-ADV-2006-0008 Source: CCN Type: OSVDB ID: 32622 Zend Google Data Client Library (ZendGData) Preview basedemo.php XSS Source: CCN Type: OSVDB ID: 32623 Zend Google Data Client Library (ZendGData) Preview calenderdemo.php XSS Source: BUGTRAQ Type: UNKNOWN 20061101 Multiple XSS Vulnerabilities in Zend Google Data Client Library Preview 0.2.0 Source: BID Type: UNKNOWN 20851 Source: CCN Type: BID-20851 Zend Google Data Client Library Multiple Cross-Site Scripting Vulnerabilities Source: CCN Type: Zend Web site Zend Google Data Client Library Source: XF Type: UNKNOWN zendgdata-unspecified-xss(30177) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||