CVE Vulnerabilities

CVE-2006-6509

Published: Dec 14, 2006 | Modified: Oct 17, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.1 MEDIUM
AV:L/AC:M/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in the skinning feature in SiteKiosk before 6.5.150 allows local users to bypass security protections and inject arbitrary web script or HTML via an ABOUT: URI, which is displayed in the title bar of the browser.

Affected Software

Name Vendor Start Version End Version
Sitekiosk Sitekiosk 5.0.264 5.0.264
Sitekiosk Sitekiosk 4.9.11 4.9.11
Sitekiosk Sitekiosk 6.2.51 6.2.51
Sitekiosk Sitekiosk 4.96.0 4.96.0
Sitekiosk Sitekiosk 6.0.14 6.0.14
Sitekiosk Sitekiosk 5.5.34 5.5.34
Sitekiosk Sitekiosk 5.0.238 5.0.238
Sitekiosk Sitekiosk 5.0.35 5.0.35
Sitekiosk Sitekiosk 5.0.36 5.0.36
Sitekiosk Sitekiosk 5.5.45 5.5.45
Sitekiosk Sitekiosk 6.0.98_final 6.0.98_final
Sitekiosk Sitekiosk 5.0.19 5.0.19
Sitekiosk Sitekiosk 5.5.39 5.5.39
Sitekiosk Sitekiosk 4.96.3 4.96.3
Sitekiosk Sitekiosk 5.0.26 5.0.26
Sitekiosk Sitekiosk 5.0.38 5.0.38
Sitekiosk Sitekiosk 4.9.14 4.9.14
Sitekiosk Sitekiosk 5.0.32 5.0.32
Sitekiosk Sitekiosk 5.5.35 5.5.35
Sitekiosk Sitekiosk 5.0.41 5.0.41
Sitekiosk Sitekiosk 5.0.248 5.0.248
Sitekiosk Sitekiosk 4.97.0 4.97.0
Sitekiosk Sitekiosk 6.5.149 6.5.149
Sitekiosk Sitekiosk 5.5.36 5.5.36
Sitekiosk Sitekiosk 4.96 4.96

References