Cross-Site Scripting Vulnerabilities in Mercury SiteScope by Mercury
CVE-2006-5122

Currently unrated

Key Information:

Vendor

HP
Status
Mercury Sitescope
Vendor
CVE Published:
3 October 2006

What is CVE-2006-5122?

Multiple cross-site scripting (XSS) vulnerabilities exist within Mercury SiteScope 8.2 (version 8.1.2.0), which can be exploited by remote authenticated users. These vulnerabilities allow attackers to inject arbitrary web scripts or HTML code through various fields, specifically in the create name field (excluding the 'create new group name' field) and any description fields. This could potentially lead to unauthorized actions and information disclosure if exploited.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/1670
third-party-advisoryx_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilities/29295
vdb-entryx_refsource_XF
http://secunia.com/advisories/22215
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.