Unrated severityNVD Advisory· Published May 12, 2006· Updated Jun 16, 2026
CVE-2006-2340
CVE-2006-2340
Description
Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password, or (3) User-Agent HTTP header in the Hack Log.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:lethal_penguin:passmasterflex:1.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:lethal_penguin:passmasterflex:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:lethal_penguin:passmasterflexplus:1.2:*:*:*:*:*:*:*
- Range: <=1.2
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.