{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-03-23T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://pubcookie.org/news/20060306-apps-secadv.html"}, {"name": "pubcookie-appserver-module-xss(25426)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25426"}, {"name": "24103", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/24103"}, {"name": "17221", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17221"}, {"name": "VU#314540", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/314540"}, {"name": "19348", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19348"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-1393", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://pubcookie.org/news/20060306-apps-secadv.html", "refsource": "CONFIRM", "url": "http://pubcookie.org/news/20060306-apps-secadv.html"}, {"name": "pubcookie-appserver-module-xss(25426)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25426"}, {"name": "24103", "refsource": "OSVDB", "url": "http://www.osvdb.org/24103"}, {"name": "17221", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17221"}, {"name": "VU#314540", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/314540"}, {"name": "19348", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19348"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:12:21.404Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://pubcookie.org/news/20060306-apps-secadv.html"}, {"name": "pubcookie-appserver-module-xss(25426)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25426"}, {"name": "24103", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/24103"}, {"name": "17221", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17221"}, {"name": "VU#314540", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/314540"}, {"name": "19348", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19348"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-1393", "datePublished": "2006-03-26T23:00:00", "dateReserved": "2006-03-26T00:00:00", "dateUpdated": "2024-08-07T17:12:21.404Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:university_of_washington:pubcookie:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "32433F8A-8ECA-43E7-B73A-4AE115D3C6CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:university_of_washington:pubcookie:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8B5B4A6F-3CF2-43D0-8E32-79017E1DDB8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:university_of_washington:pubcookie:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C20FF0B0-61B9-4D61-9FA1-013D0867F7BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:university_of_washington:pubcookie:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C7C9244-4AEA-4C70-BF96-9D8CD125339F", "vulnerable": true}, {"criteria": "cpe:2.3:a:university_of_washington:pubcookie:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2AFBDFF-11FB-4EE9-BCD2-9281AE33DE0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:university_of_washington:pubcookie:3.2.1a:*:*:*:*:*:*:*", "matchCriteriaId": "B8AF8CDA-1EF6-4B7B-8D75-3F5F8CE78113", "vulnerable": true}, {"criteria": "cpe:2.3:a:university_of_washington:pubcookie:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6318AC28-703C-4154-9485-861B9E930310", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors."}], "id": "CVE-2006-1393", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-03-26T23:06:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://pubcookie.org/news/20060306-apps-secadv.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19348"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/314540"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/24103"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/17221"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25426"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://pubcookie.org/news/20060306-apps-secadv.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19348"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/314540"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/24103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17221"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25426"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}