Unrated severityNVD Advisory· Published Jan 11, 2006· Updated Apr 16, 2026

CVE-2006-0172

Description

Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting.

Affected products

Hummingbird/Enterprise Collaboration2 versions
cpe:2.3:a:hummingbird:enterprise_collaboration:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:hummingbird:enterprise_collaboration:*:*:*:*:*:*:*:*range: <=5.21
- cpe:2.3:a:hummingbird:enterprise_collaboration:5.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securenetwork.it/advisories/sn-2006-01.htmlnvdExploitVendor Advisory
www.securityfocus.com/bid/16195nvdExploit
secunia.com/advisories/18411nvdVendor Advisory
www.securityfocus.com/archive/1/421392/100/0/threadednvd
www.vupen.com/english/advisories/2006/0145nvd
exchange.xforce.ibmcloud.com/vulnerabilities/24067nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000