CVE-2006-1222

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042872.html", "name": "20060312 [INetCop Security Advisory] zeroboard IP session bypass XSS vulnerability", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "FULLDISC"}, {"url": "http://www.inetcop.org/upfiles/33INCSA.2006-0x82-029-zeroboard.pdf", "name": "http://www.inetcop.org/upfiles/33INCSA.2006-0x82-029-zeroboard.pdf", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.nzeo.com/bbs/zboard.php?id=cgi_bugreport2&no=5406", "name": "http://www.nzeo.com/bbs/zboard.php?id=cgi_bugreport2&no=5406", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/17075", "name": "17075", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/19214", "name": "19214", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.osvdb.org/23847", "name": "23847", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2006/0944", "name": "ADV-2006-0944", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25212", "name": "zeroboard-multiple-fields-xss(25212)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/427466/100/0/threaded", "name": "20060312 [INetCop Security Advisory] zeroboard IP session bypass XSS vulnerability", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the (1) memo box title, (2) user email, and (3) homepage fields."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-1222", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-03-14T11:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:zeroboard:zeroboard:4.1_pl2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:zeroboard:zeroboard:4.1_pl3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:zeroboard:zeroboard:4.1_pl4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:zeroboard:zeroboard:4.1_pl7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:zeroboard:zeroboard:4.1_pl5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:zeroboard:zeroboard:4.1_pl6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-18T16:31Z"}