4.3
CVE-2007-2808
- EPSS 1.32%
- Veröffentlicht 22.05.2007 19:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:28
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Yngve Svendsen ≫ Gnatsweb Version4.00
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.32% | 0.672 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://osvdb.org/36224
http://pridels-team.blogspot.com/2007/05/blog-post.html
http://secunia.com/advisories/25333
http://secunia.com/advisories/28743
http://www.debian.org/security/2008/dsa-1486
http://www.securityfocus.com/bid/24081
http://www.vupen.com/english/advisories/2007/1886
https://exchange.xforce.ibmcloud.com/vulnerabilities/34392