Unrated severityNVD Advisory· Published Dec 31, 2006· Updated Jun 16, 2026
CVE-2006-6871
CVE-2006-6871
Description
Multiple cross-site scripting (XSS) vulnerabilities in eNdonesia 8.4 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewlink operation in mod.php, (2) the intypeid parameter in a showinfo operation in the informasi module in mod.php, (3) the "your Friend" field in friend.php, or (4) the "Main Text" field in admin.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:endonesia:endonesia:8.4:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.