What is the severity of CVE-2006-6366?

CVE-2006-6366 is classified as a moderate severity cross-site scripting vulnerability.

How do I fix CVE-2006-6366?

To fix CVE-2006-6366, upgrade your Cerberus Helpdesk installation to the latest version or apply any available security patches.

Which versions of Cerberus Helpdesk are affected by CVE-2006-6366?

CVE-2006-6366 affects Cerberus Helpdesk versions from 0.97.3 to 3.3, including 2.0 through 2.7.

What exploit methods can be used in CVE-2006-6366?

CVE-2006-6366 allows remote attackers to inject arbitrary web scripts or HTML via the js parameter.

Is CVE-2006-6366 easily exploitable?

Yes, CVE-2006-6366 is easily exploitable due to its reliance on user input without proper sanitization.

Vulnerability/
CVE-2006-6366

medium

6.8

CWE

NVD-CWE-Other 79

7/12/2006

7/8/2024

CVE-2006-6366: XSS

First published: Thu Dec 07 2006(Updated: )

Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 through 2.7, 3.2.1, and 3.3 allows remote attackers to inject arbitrary web script or HTML via the js parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Webgroupmedia Cerberus Helpdesk	=3.2.1
Webgroupmedia Cerberus Helpdesk	=2.7
Webgroupmedia Cerberus Helpdesk	=3.3
Webgroupmedia Cerberus Helpdesk	=2.5
Webgroupmedia Cerberus Helpdesk	=3.2.317
Webgroupmedia Cerberus Helpdesk	=2.3
Webgroupmedia Cerberus Helpdesk	=2.4
Webgroupmedia Cerberus Helpdesk	=2.2
Webgroupmedia Cerberus Helpdesk	=2.1
Webgroupmedia Cerberus Helpdesk	=2.0
Webgroupmedia Cerberus Helpdesk	=2.6.1
Webgroupmedia Cerberus Helpdesk	=2.7.1
Webgroupmedia Cerberus Helpdesk	=0.97.3

Remedy

http://secunia.com/advisories/23193

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-6366?
CVE-2006-6366 is classified as a moderate severity cross-site scripting vulnerability.
How do I fix CVE-2006-6366?
To fix CVE-2006-6366, upgrade your Cerberus Helpdesk installation to the latest version or apply any available security patches.
Which versions of Cerberus Helpdesk are affected by CVE-2006-6366?
CVE-2006-6366 affects Cerberus Helpdesk versions from 0.97.3 to 3.3, including 2.0 through 2.7.
What exploit methods can be used in CVE-2006-6366?
CVE-2006-6366 allows remote attackers to inject arbitrary web scripts or HTML via the js parameter.
Is CVE-2006-6366 easily exploitable?
Yes, CVE-2006-6366 is easily exploitable due to its reliance on user input without proper sanitization.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/author
agent/last-modified-date
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
vendor/cerberus
product/helpdesk
canonical/cerberus helpdesk
agent/software-canonical-lookup-request
collector/nvd-index
canonical/webgroupmedia cerberus helpdesk
version/webgroupmedia cerberus helpdesk/3.2.1
version/webgroupmedia cerberus helpdesk/2.7
version/webgroupmedia cerberus helpdesk/3.3
version/webgroupmedia cerberus helpdesk/2.5
version/webgroupmedia cerberus helpdesk/3.2.317
version/webgroupmedia cerberus helpdesk/2.3
version/webgroupmedia cerberus helpdesk/2.4
version/webgroupmedia cerberus helpdesk/2.2
version/webgroupmedia cerberus helpdesk/2.1
version/webgroupmedia cerberus helpdesk/2.0
version/webgroupmedia cerberus helpdesk/2.6.1
version/webgroupmedia cerberus helpdesk/2.7.1
version/webgroupmedia cerberus helpdesk/0.97.3

Frequently Asked Questions

What is the severity of CVE-2006-6366?
CVE-2006-6366 is classified as a moderate severity cross-site scripting vulnerability.
How do I fix CVE-2006-6366?
To fix CVE-2006-6366, upgrade your Cerberus Helpdesk installation to the latest version or apply any available security patches.
Which versions of Cerberus Helpdesk are affected by CVE-2006-6366?
CVE-2006-6366 affects Cerberus Helpdesk versions from 0.97.3 to 3.3, including 2.0 through 2.7.
What exploit methods can be used in CVE-2006-6366?
CVE-2006-6366 allows remote attackers to inject arbitrary web scripts or HTML via the js parameter.
Is CVE-2006-6366 easily exploitable?
Yes, CVE-2006-6366 is easily exploitable due to its reliance on user input without proper sanitization.

CVE-2006-6366: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-6366?

How do I fix CVE-2006-6366?

Which versions of Cerberus Helpdesk are affected by CVE-2006-6366?

What exploit methods can be used in CVE-2006-6366?

Is CVE-2006-6366 easily exploitable?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2006-6366?

How do I fix CVE-2006-6366?

Which versions of Cerberus Helpdesk are affected by CVE-2006-6366?

What exploit methods can be used in CVE-2006-6366?

Is CVE-2006-6366 easily exploitable?