CVE-2006-6587

Apache OFBiz - Stored Cross-Site Scripting in Ecommerce Forum Message Posting

Title source: llm
STIX 2.1

Description

Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017360
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21529

Scores

EPSS 0.0793
EPSS Percentile 94.1%

Details

Status published
Products (1)
apache/ofbiz
Published Dec 15, 2006
Tracked Since Feb 18, 2026