4.3

CVE-2007-4284

EPSS 0.79%
Veröffentlicht 09.08.2007 21:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (MP) 5.3.235.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) Success Template (STPL) and (2) Failure Template (FTPL) parameters, which are not properly handled in an error message.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Meetingplace Web Confrencing Version <= 5.3\(235\)

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.79%	0.732

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065134.html

http://secunia.com/advisories/26376

http://securityreason.com/securityalert/2990

http://www.cisco.com/en/US/products/products_security_response09186a008089969e.html

http://www.securityfocus.com/archive/1/475840/100/0/threaded

http://www.securityfocus.com/archive/1/475845/100/0/threaded

http://www.securityfocus.com/bid/25237

http://www.securitytracker.com/id?1018537

http://www.vupen.com/english/advisories/2007/2815

https://exchange.xforce.ibmcloud.com/vulnerabilities/35871

https://nvd.nist.gov/vuln/detail/CVE-2007-4284

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-4284

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-4284

EUVD