CVE-2006-6712 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-6712

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in SugarCRM Open Source 4.5.0f and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in crafted email messages.

Affected Software

Name	Vendor	Start Version	End Version
Sugarcrm	Sugarcrm	*	4.5.0f (including)
Sugarcrm	Ubuntu	upstream	*

References

http://dl.sugarforge.org/sugardocs/Notes/ReleaseNotes/SugarOpenSource_ReleaseNotes_4.5.0g.pdf
http://jvn.jp/jp/JVN%2374079537/index.html
http://secunia.com/advisories/23424
http://securitytracker.com/id?1017434
http://www.securityfocus.com/bid/21694
http://www.vupen.com/english/advisories/2006/5100