CVE-2006-1417

medium

Description

Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro), possibly 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25431

http://www.vupen.com/english/advisories/2006/1091

http://secunia.com/advisories/19416

http://pridels0.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html

Details

Source: Mitre, NVD

Published: 2006-03-28

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00906