Cross-Site Scripting Vulnerabilities in Mercury SiteScope by Mercury
CVE-2006-5122

Currently unrated

Key Information:

Vendor

HP

Vendor
CVE Published:
3 October 2006

What is CVE-2006-5122?

Multiple cross-site scripting (XSS) vulnerabilities exist within Mercury SiteScope 8.2 (version 8.1.2.0), which can be exploited by remote authenticated users. These vulnerabilities allow attackers to inject arbitrary web scripts or HTML code through various fields, specifically in the create name field (excluding the 'create new group name' field) and any description fields. This could potentially lead to unauthorized actions and information disclosure if exploited.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.