CVE-2006-3958
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/08/2006
Last modified:
03/04/2025
Description
Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users via (2) the Edit Task system, (3) the back-end Category Editor system, and (4) "Pages that display task status, email addresses, URL, customer, and project information."
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:pkr_internet:taskjitsu:2.0.3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/21242
- http://www.osvdb.org/27637
- http://www.pkrinternet.com/download/RELEASE-NOTES.txt
- http://www.securityfocus.com/bid/19251
- http://www.vupen.com/english/advisories/2006/3058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28178
- https://www.pkrinternet.com/taskjitsu/task/3477
- http://secunia.com/advisories/21242
- http://www.osvdb.org/27637
- http://www.pkrinternet.com/download/RELEASE-NOTES.txt
- http://www.securityfocus.com/bid/19251
- http://www.vupen.com/english/advisories/2006/3058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28178
- https://www.pkrinternet.com/taskjitsu/task/3477