CVE

Id
18577  
CVE No.
CVE-2006-2473  
Status
Candidate  
Description
** DISPUTED ** Cross-site scripting (XSS) vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this issue has been disputed by the vendor and a third party who is affiliated with the product. The vendor states "You cannot insert code in a wikipage or via URL parameters as they are all escaped before usage, so nothing can be compromised at other sites."  
Phase
Assigned (20060519)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
162219 18577 CVE-2006-2473 BUGTRAQ:20060517 OpenWiki<--v0.78 Cross-Site Scripting  View
162220 18577 CVE-2006-2473 URL:http://www.securityfocus.com/archive/1/archive/1/434295/100/0/threaded  View
162221 18577 CVE-2006-2473 BUGTRAQ:20080912 Re: OpenWiki<--v0.78 Cross-Site Scripting  View
162222 18577 CVE-2006-2473 URL:http://www.securityfocus.com/archive/1/archive/1/496294/100/0/threaded  View
162223 18577 CVE-2006-2473 MISC:http://www.openwiki.com/ow.asp?OpenWikiVulnerability  View
162224 18577 CVE-2006-2473 MISC:http://www.openwiki.com/ow.asp?XssVulnerability  View
162225 18577 CVE-2006-2473 BID:18013  View
162226 18577 CVE-2006-2473 URL:http://www.securityfocus.com/bid/18013  View
162227 18577 CVE-2006-2473 SREASON:920  View
162228 18577 CVE-2006-2473 URL:http://securityreason.com/securityalert/920  View
162229 18577 CVE-2006-2473 XF:openwiki-ow-xss(26517)  View

Related JVN