2.6

CVE-2007-3807

Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SitescapeSitescape Forum Version <= 7.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.26% 0.657
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/36844
http://secunia.com/advisories/26065
Patch
http://securityreason.com/securityalert/2893
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3159
http://www.securityfocus.com/archive/1/473624/100/0/threaded
http://www.securityfocus.com/bid/24893
https://exchange.xforce.ibmcloud.com/vulnerabilities/35395