6.8
CVE-2007-0973
- EPSS 1.54%
- Veröffentlicht 16.02.2007 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers, which are displayed without proper sanitization when an administrator performs a Logged Guest action.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jupiter Cms ≫ Jupiter Cms Version1.1.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.54% | 0.716 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://mgsdl.free.fr/advisories/12070214.txt
http://www.acid-root.new.fr/advisories/12070214.txt
http://www.securityfocus.com/archive/1/460076/100/0/threaded
http://www.securityfocus.com/archive/1/460100/100/0/threaded
http://www.securityfocus.com/bid/22560
http://osvdb.org/33729
https://exchange.xforce.ibmcloud.com/vulnerabilities/32518