4.3

CVE-2007-0939

Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftContent Management Server Version2001 Updatesp1
MicrosoftContent Management Server Version2002 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 16.19% 0.965
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/466331/100/200/threaded
http://secunia.com/advisories/24819
http://www.securitytracker.com/id?1017894
http://www.vupen.com/english/advisories/2007/1322
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-018
http://www.osvdb.org/34007
http://www.securityfocus.com/bid/22860
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1575