Strix
26.1K

CVE-2006-0165

UnknownEPSS 1.18%

Last modified

CVE-2006-0165 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 (gamma) allows remote attackers to inject arbitrary Javascript via the (1) url and (2) name field of the default email form.. EPSS estimates a 1.18% chance of exploitation in the next 30 days.

Description

Cross-site scripting (XSS) vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 (gamma) allows remote attackers to inject arbitrary Javascript via the (1) url and (2) name field of the default email form.

Metrics

EPSS Probability
1.18%

63.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
Plain BlackWebgui5.5.8
Plain BlackWebgui6.2.10_gamma
Plain BlackWebgui6.2.11_gamma
Plain BlackWebgui6.3.0_beta
Plain BlackWebgui6.4.0_beta
Plain BlackWebgui6.5.0_beta
Plain BlackWebgui6.5.1_beta
Plain BlackWebgui6.5.2_beta
Plain BlackWebgui6.5.3_beta
Plain BlackWebgui6.5.4_gamma
Plain BlackWebgui6.5.5_gamma
Plain BlackWebgui6.5.6_gamma
Plain BlackWebgui6.6.0_beta
Plain BlackWebgui6.6.1_beta
Plain BlackWebgui6.6.2_gamma
Plain BlackWebgui6.6.3_gamma
Plain BlackWebgui6.6.4_gamma
Plain BlackWebgui6.6.5
Plain BlackWebgui6.7.0_beta
Plain BlackWebgui6.7.1_beta
Plain BlackWebgui6.7.2_beta
Plain BlackWebgui6.7.3_gamma
Plain BlackWebgui6.7.4_gamma
Plain BlackWebgui6.7.5_gamma
Plain BlackWebgui6.7.6_gamma
Plain BlackWebgui6.7.7_gamma
Plain BlackWebgui6.7.8_gamma
Plain BlackWebgui6.8.1_beta
Plain BlackWebgui6.8.2_beta
Plain BlackWebgui6.8.3_gamma

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-0165?
Cross-site scripting (XSS) vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 (gamma) allows remote attackers to inject arbitrary Javascript via the (1) url and (2) name field of the default email form.
How severe is CVE-2006-0165?
Severity scoring for CVE-2006-0165 is pending analysis. The EPSS model estimates a 1.18% probability of exploitation in the next 30 days.
How do I fix CVE-2006-0165?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-0165?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST