CVE-2006-0802

3 documents3 sources
Severity
2.6LOW
EPSS
0.5%
top 32.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Postnuke Software Foundation Postnuke
Timeline
PublishedFeb 20
Latest updateMay 1

Description

Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is enabled, allows remote attackers to inject arbitrary web script or HTML via the language parameter in a missing or translation operation.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-2xcx-gpjm-6fg6: Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 02022-05-01
CVEList
CVE-2006-0802: Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 02006-02-20
CVE-2006-0802 (LOW CVSS 2.6) | Cross-site scripting (XSS) vulnerab | cvebase.io