CVE-2006-5122 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) \any field create name field\ except \create new group name\ or (2) any description field.

Reference

http://secunia.com/advisories/22215 http://securityreason.com/securityalert/1670 http://www.securityfocus.com/archive/1/447397/100/0/threaded http://www.securityfocus.com/bid/20275 http://www.vupen.com/english/advisories/2006/3888 https://exchange.xforce.ibmcloud.com/vulnerabilities/29295