Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the (1) Account Name and (2) Username field. NOTE: the vendor has disputed this vulnerability, saying that "it does not exist currently in the Bluepay 2.0 product," and older versions might not have been affected either. As of 20060512, CVE has not formally investigated this dispute
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-04-19T16:00:00

Updated: 2024-08-07T17:27:28.683Z

Reserved: 2006-04-19T00:00:00

Link: CVE-2006-1854

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-04-19T16:06:00.000

Modified: 2024-11-21T00:09:55.230

Link: CVE-2006-1854

cve-icon Redhat

No data.