3.5
CVE-2007-2702
- EPSS 1.52%
- Veröffentlicht 16.05.2007 01:19:00
- Zuletzt bearbeitet 16.06.2026 22:40:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the rich text editor.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Weblogic Portal Version9.2 Updatega
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.52% | 0.712 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:N/I:P/A:N
|
http://secunia.com/advisories/25284
http://www.vupen.com/english/advisories/2007/1815
http://dev2dev.bea.com/pub/advisory/235
http://osvdb.org/36066
http://www.securitytracker.com/id?1018060
https://exchange.xforce.ibmcloud.com/vulnerabilities/34283