CVE-2006-3958

{"id": "CVE-2006-3958", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-08-01T21:04:00.000", "references": [{"url": "http://secunia.com/advisories/21242", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/27637", "source": "cve@mitre.org"}, {"url": "http://www.pkrinternet.com/download/RELEASE-NOTES.txt", "tags": ["URL Repurposed"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19251", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3058", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28178", "source": "cve@mitre.org"}, {"url": "https://www.pkrinternet.com/taskjitsu/task/3477", "tags": ["URL Repurposed"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users via (2) the Edit Task system, (3) the back-end Category Editor system, and (4) \"Pages that display task status, email addresses, URL, customer, and project information.\""}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Taskjitsu 2.0.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del sistema (1) Search Tasks, o usuarios validados a trav\u00e9s del sistema (2)Edit Task, (3) el sistema back-end Category Editor, y (4) P\u00e1ginas que muestran el estado de la tarea, direcci\u00f3n email, URL, cliente, y informaci\u00f3n deol proyecto\"."}], "lastModified": "2024-02-14T01:17:43.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pkr_internet:taskjitsu:2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19EABEE0-5CAD-40BA-9E6F-D98A609FFBC5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}