CVE-2006-3397
Last modified
CVE-2006-3397 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) title and (2) description parameters when creating a task.. EPSS estimates a 1.27% chance of exploitation in the next 30 days.
Description
Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) title and (2) description parameters when creating a task.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Pkr Internet | Taskjitsu | 0.1 |
| Pkr Internet | Taskjitsu | 2.0 |
References
- http://secunia.com/advisories/20912Patch, Vendor Advisory
- http://www.pkrinternet.com/download/RELEASE-NOTES.txtURL Repurposed
- https://www.pkrinternet.com/taskjitsu/task/3313URL Repurposed
- http://secunia.com/advisories/20912Patch, Vendor Advisory
- http://www.pkrinternet.com/download/RELEASE-NOTES.txtURL Repurposed
- https://www.pkrinternet.com/taskjitsu/task/3313URL Repurposed
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-3397?
How severe is CVE-2006-3397?
How do I fix CVE-2006-3397?
Are you affected by CVE-2006-3397?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST