Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1410

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-1410
Last Modified 07 Mar 2011 09:33:03
Published 28 Mar 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1410

Summary

Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute Live Support XE 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Screen name or (2) Session Topic field.

Vulnerable Systems

Application

  • Xigla Absolute Live Support Xe 2.0


References

VUPEN - ADV-2006-1099

BID - 17258

SECUNIA - 19415

XF - absolutelivesupport-register-xss(25434)

OSVDB - 24131

MISC - http://pridels0.blogspot.com/2006/03/absolute-live-support-xe-v20-xss-vuln.html


Last Updated: 27 May 2016 10:42:02