Detections
Analytics

CVE-2006-6892

medium

Description

Cross-site scripting (XSS) vulnerability in the GetLocation function in online.php in Jonathon J. Freeman OvBB 0.13a allows remote attackers to inject arbitrary web script or HTML via the aRequest variable.

References

http://www.vupen.com/english/advisories/2007/0039

http://www.ovbb.org/forums/thread.php?threadid=185

http://secunia.com/advisories/23484

Details

Source: Mitre, NVD

Published: 2006-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00489