6.8
CVE-2007-3973
- EPSS 2.77%
- Veröffentlicht 25.07.2007 17:30:00
- Zuletzt bearbeitet 16.06.2026 22:43:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, or the (2) search parameter or (3) theme cookie to (b) recherche.php.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.77% | 0.844 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://osvdb.org/38557
http://osvdb.org/38558
http://secunia.com/advisories/26165
http://securityreason.com/securityalert/2919
http://www.securityfocus.com/archive/1/474320/100/0/threaded
http://www.securityfocus.com/bid/24991
http://www.vupen.com/english/advisories/2007/2611
https://exchange.xforce.ibmcloud.com/vulnerabilities/35551
https://exchange.xforce.ibmcloud.com/vulnerabilities/35556
https://www.exploit-db.com/exploits/4211