CVE-2006-5060

Published: Sep 28, 2006Modified: Apr 23, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in login.php in Jamroom 3.0.16 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the forgot parameter in the forgot mode.

Affected (1)

Products: Jamroom: Jamroom

Jamroom

1 product

Jamroom

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Jamroom Jamroom	Version 3.0.16

References (12)

http://secunia.com/advisories/22077

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1649

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/446879/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20162

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/3766

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/29131

Source: cve@mitre.org

http://secunia.com/advisories/22077