CVE-2006-1344
VeriSign MPKI 6.0 - Cross-Site Scripting via VHTML_FILE Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-1344. PoCs published by Alberto Soli.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in MPKI 6.0 due to improper input sanitization. The PoC shows how an attacker can inject malicious JavaScript via the VHTML_FILE parameter to execute arbitrary code in the context of a user's browser session.
Description
Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in MPKI 6.0 due to improper input sanitization. The PoC shows how an attacker can inject malicious JavaScript via the VHTML_FILE parameter to execute arbitrary code in the context of a user's browser session.