{
  "id": "CVE-2006-3258",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-06-27T21:05:00.000",
  "lastModified": "2017-07-20T01:32:10.740",
  "vulnStatus": "Modified",
  "evaluatorSolution": "The product no longer being maintained.",
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.html in BNBT TrinEdit and EasyTracker 7.7r3.2004.10.27 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) filter or (2) sort parameters."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en index.html de BNBT TrinEdit y EasyTracker v7.7r3.2004.10.27 y versiones anteriores. Permiten a usuarios remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s de los par\u00e1metros (1) filter o (2) sort."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "HIGH",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 2.6
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:bnbt:easytracker:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "7.7_r3_2004-10-27",
              "matchCriteriaId": "1B621C87-16C0-4BA4-9C98-068CE388CC62"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:bnbt:trinedit:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "7.7_r3_2004-10-27",
              "matchCriteriaId": "29FD7F3C-8FE4-408E-AAB1-0EB19E4D5F10"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://pridels0.blogspot.com/2006/06/bnbt-trinedit-vuln.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://securitytracker.com/id?1016368",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/18617",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/2506",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27302",
      "source": "cve@mitre.org"
    }
  ]
}