How severe is CVE-2015-6005?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.9 out of 10.

What type of vulnerability is CVE-2015-6005?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2015-6005 - MEDIUM Severity | CVSS 6.9

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field.

Related Vulnerabilities

CVE-2019-11999

MEDIUM

CVSS:6.9(Medium)

Potential security vulnerabilities have been identified in HPE OpenCall Media Platform (OCMP) resulting in remote arbitrary file download and cross site scripting. HPE has made the following updates a...

CWE-792019

CVE-2020-8493

MEDIUM

CVSS:6.9(Medium)

A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instructions...

CWE-792020

CVE-2020-8496

MEDIUM

CVSS:6.9(Medium)

In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as a...

CWE-792020

CVE-2021-33691

MEDIUM

CVSS:6.9(Medium)

NWDI Notification Service versions - 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.SAP NetWeaver Development Infrastructu...

CWE-792021

CVE-2022-0967

MEDIUM

CVSS:6.9(Medium)

Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.10.4.

CWE-792022

CVE-2022-2589

MEDIUM

CVSS:6.9(Medium)

Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.3.

CWE-792022