4.3
CVE-2007-0939
- EPSS 16.19%
- Veröffentlicht 10.04.2007 21:19:00
- Zuletzt bearbeitet 16.06.2026 22:36:36
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Content Management Server Version2001 Updatesp1
Microsoft ≫ Content Management Server Version2002 Updatesp2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 16.19% | 0.965 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://www.securityfocus.com/archive/1/466331/100/200/threaded
http://secunia.com/advisories/24819
http://www.securitytracker.com/id?1017894
http://www.vupen.com/english/advisories/2007/1322
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-018
http://www.osvdb.org/34007
http://www.securityfocus.com/bid/22860
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1575