nvd-json-data-feeds/CVE-2006/CVE-2006-57xx/CVE-2006-5713.json

{
  "id": "CVE-2006-5713",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-11-04T01:07:00.000",
  "lastModified": "2017-07-20T01:33:54.883",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) author, (2) content, or (3) title parameters when posting a forum thread.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Easy File Sharing (EFS) Web Server 4.0 permite a un atacante remoto inyectar secuencias de comandos web o HTML a trav\u00e9s de los par\u00e1metros (1) author, (2) content, o (3) title cuando se fija un hilo del forum. NOTA: la procedencia de esta informaci\u00f3n es desconocida; los detalles se obtienen a partir de la informaci\u00f3n de terceros. \r\n"
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.3
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:efs_software:efs_web_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "665382DE-79C3-4B8C-8D36-38FF97BDBF11"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.securityfocus.com/bid/20823",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29923",
      "source": "cve@mitre.org"
    }
  ]
}