Detections
Analytics

CVE-2006-0473

medium

Description

Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24310

http://www.vupen.com/english/advisories/2006/0349

http://www.securityfocus.com/archive/1/423167/100/0/threaded

http://www.osvdb.org/22753

http://securityreason.com/securityalert/378

http://secunia.com/advisories/18628

http://evuln.com/vulns/51/

http://attrition.org/pipermail/vim/2006-January/000520.html

Details

Source: Mitre, NVD

Published: 2006-01-31

Updated: 2026-04-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.12422