VYPR
Unrated severityNVD Advisory· Published Jun 28, 2006· Updated Jun 16, 2026

CVE-2006-3257

CVE-2006-3257

Description

Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php.

Affected products

2
  • cpe:2.3:a:claroline:claroline:1.7.7:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:claroline:claroline:1.7.7:*:*:*:*:*:*:*
    • (no CPE)range: =1.7.7

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.