6.8
CVE-2007-2060
- EPSS 3.18%
- Veröffentlicht 18.04.2007 03:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Wizz Computers ≫ Wizz Rss Reader Version <= 2.1.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.18% | 0.864 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://osvdb.org/34534
http://secunia.com/advisories/24913
http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/
http://www.kb.cert.org/vuls/id/319464
http://www.kb.cert.org/vuls/id/MIMG-6ZKP4T
http://www.securityfocus.com/bid/23523
http://www.vupen.com/english/advisories/2007/1425
https://addons.mozilla.org/en-US/firefox/addon/424
https://exchange.xforce.ibmcloud.com/vulnerabilities/33693