[Japanese]

JVNDB-2006-000851

pnamazu cross-site scripting vulnerability

Overview

pnamazu, the Perl version program of the full-text search engine Namazu, contains a cross-site scripting vulnerability.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Namazu Project.
  • pnamazu 2006.02.28 and earlier

Impact

An arbitrary script may be executed on the user's web browser.
Solution

Vendor Information

Namazu Project.
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2006-6782
References

  1. JVN : JVN#02729869
  2. National Vulnerability Database (NVD) : CVE-2006-6782
  3. Secunia Advisory : SA23507
  4. SecurityFocus : 21759
  5. SecurityTracker : 1017446
  6. FrSIRT Advisories : FrSIRT/ADV-2006-5165
Revision History

  • [2008/05/21]
      Web page published