VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 14, 2006· Updated Apr 23, 2026

CVE-2006-6509

CVE-2006-6509

Description

Cross-site scripting (XSS) vulnerability in the skinning feature in SiteKiosk before 6.5.150 allows local users to bypass security protections and inject arbitrary web script or HTML via an ABOUT: URI, which is displayed in the title bar of the browser.

Affected products

25
  • Sitekiosk/Sitekiosk25 versions
    cpe:2.3:a:sitekiosk:sitekiosk:4.9.11:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:a:sitekiosk:sitekiosk:4.9.11:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:4.9.14:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:4.96:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:4.96.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:4.96.3:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:4.97.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.19:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.238:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.248:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.26:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.264:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.32:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.35:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.36:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.38:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.5.34:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.5.35:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.5.36:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.5.39:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:5.5.45:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:6.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:6.0.98_final:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:6.2.51:*:*:*:*:*:*:*
    • cpe:2.3:a:sitekiosk:sitekiosk:6.5.149:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.