4.3
CVE-2007-2235
- EPSS 1.29%
- Veröffentlicht 25.04.2007 15:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.29% | 0.666 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://securityreason.com/securityalert/2613
http://www.acid-root.new.fr/advisories/13070411.txt
http://www.securityfocus.com/archive/1/465338/100/100/threaded
http://www.securityfocus.com/archive/1/465400/100/100/threaded
http://dev.punbb.org/changeset/934
http://dev.punbb.org/changeset/938
http://secunia.com/advisories/24843
http://www.vupen.com/english/advisories/2007/1362