Lucene search
HistoryJan 09, 2007 - 6:28 p.m.
CVE-2007-0144
cve
2007
0144
cross-site scripting
xss
digitizing quote and ordering system 1.0
search vulnerability
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.3 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.1%
Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the ordernum parameter.
Affected configurations
Node
digitizing_quote_and_ordering_systemdigitizing_quote_and_ordering_systemMatch1.0
Related
prion
prion
Cross site scripting
2007-01-09 18:28:00
nvd
nvd
CVE-2007-0144
2007-01-09 18:28:00
cvelist
cvelist
CVE-2007-0144
2007-01-09 18:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.3 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.1%
Related for CVE-2007-0144