CVE-2006-6223

Currently unrated

Key Information:

Vendor: Google
Status: Mini Search Appliance; Search Appliance
Vendor: CVE Published:; 2 December 2006

Summary

Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded q parameter.

References

http://securitytracker.com/id?1017317

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/30647

vdb-entryx_refsource_XF

http://sla.ckers.org/forum/read.php?3%2C3109

x_refsource_MISC

EPSS Score

43% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 2, 2006
Vulnerability Reserved
Dec 1, 2006

Collectors

NVD DatabaseMitre Database