← Back

CVE-2006-6925

nvd nist
Published: Jan 13, 2007Modified: Apr 23, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in bitweaver 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the message title field when submitting an article to articles/edit.php, (2) the message title field when submitting a blog post to blogs/post.php, or (3) the message description field when editing in the Sandbox in wiki/edit.php.

Affected (5)

Products: Bitweaver: Bitweaver
Bitweaver
1 product
Bitweaver
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Bitweaver
Bitweaver
Version 1.1.1_beta
Bitweaver
Version 1.1
Bitweaver
Version 1.2.1
Bitweaver
Version 1.3.1
Bitweaver
Version 1.3

References (14)

Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.