Lucene search

MitreCVE-2007-0362

HistoryJan 19, 2007 - 1:28 a.m.

CVE-2007-0362

2007-01-1901:28:00

mitre

web.nvd.nist.gov

cve-2007-0362

cross-site scripting

xss

freshreader

rss feed

vulnerability

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0.027

Percentile

90.6%

JSON

Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.07010600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to tag attributes.

Affected configurations

Nvd

Node

freshreaderfreshreader

VendorProductVersionCPE
freshreaderfreshreader*cpe:2.3:a:freshreader:freshreader:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
freshreader	freshreader	*	cpe:2.3:a:freshreader:freshreader::::::::

References

jvn.jp/jp/JVN%2395249468/index.html

manual.freshreader.com/archives/2007/01/20070118_javasc.html

osvdb.org/32923

secunia.com/advisories/23806

www.securityfocus.com/bid/22106

www.vupen.com/english/advisories/2007/0241

exchange.xforce.ibmcloud.com/vulnerabilities/31566

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0.027

Percentile

90.6%

JSON

Related for CVE-2007-0362