CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Roller Weblogger: >> Roller Weblogger >> 2.3 Security Vulnerabilities

CVE-2006-4856

Multiple cross-site scripting (XSS) vulnerabilities in Roller WebLogger 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, or (3) url parameters; (4) certain content parameters in the preview method; or (5) the q parameter in (a) sitesearch.do.

CVSS Score

4.3

EPSS Score

0.012

Published

2006-09-19

Page 1

Vulnerabilities

Vulnerable Software

Roller Weblogger: >> Roller Weblogger >> 2.3 Security Vulnerabilities

Products

Pricing

Contact Us