CVE-2006-5122

medium HPE
CVSS v3 Base Score
4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N
EPSS Score
0.3%
Exploitation probability in 30 days
Top 48% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
None
Published: October 3, 2006 (7163 days ago)
Last Modified: April 23, 2026
Vendor: HPE
Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field.

CWE

NVD-CWE-Other

Affected Products

hp mercury sitescope

References

🔗 secunia.com 🔗 securityreason.com 🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 www.vupen.com