CVE-2006-5122 | Vulnerability Database | Aqua Security

Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) any field create name field except create new group name or (2) any description field.

Affected Software

Name	Vendor	Start Version	End Version
Mercury_sitescope	Hp	8.2_8.1.2.0 (including)	8.2_8.1.2.0 (including)

References

http://secunia.com/advisories/22215
http://securityreason.com/securityalert/1670
http://www.securityfocus.com/archive/1/447397/100/0/threaded
http://www.securityfocus.com/bid/20275
http://www.vupen.com/english/advisories/2006/3888
https://exchange.xforce.ibmcloud.com/vulnerabilities/29295
http://secunia.com/advisories/22215
http://securityreason.com/securityalert/1670
http://www.securityfocus.com/archive/1/447397/100/0/threaded
http://www.securityfocus.com/bid/20275
http://www.vupen.com/english/advisories/2006/3888
https://exchange.xforce.ibmcloud.com/vulnerabilities/29295

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-5122
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html