ID CVE-2007-0362
Type cve
Reporter NVD
Modified 2017-07-28T21:30:09
Description
Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.07010600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to tag attributes.
{"id": "CVE-2007-0362", "bulletinFamily": "NVD", "title": "CVE-2007-0362", "description": "Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.07010600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to tag attributes.", "published": "2007-01-18T20:28:00", "modified": "2017-07-28T21:30:09", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0362", "reporter": "NVD", "references": ["http://manual.freshreader.com/archives/2007/01/20070118_javasc.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/31566", "http://www.securityfocus.com/bid/22106", "http://jvn.jp/jp/JVN%2395249468/index.html", "http://www.vupen.com/english/advisories/2007/0241"], "cvelist": ["CVE-2007-0362"], "type": "cve", "lastseen": "2017-07-29T11:21:49", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:freshreader:freshreader"], "cvelist": ["CVE-2007-0362"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.07010600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to tag attributes.", "edition": 1, "enchantments": {}, "hash": "0ae991ce7a3ddb4451caa074e4c01c087efc1b4d58543403042040dc4b0be568", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "49c32f9ecd224583a88886241c436d05", "key": "published"}, {"hash": "b6f49b331ad0aa0aef1a2b819f74ae8e", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "ffadb46fa2763300f347ff43978358f8", "key": "href"}, {"hash": "962387c5122478dfedbcb82e0001ab07", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "b6552756f1f556ca66fb9750d26fe34a", "key": "cvelist"}, {"hash": "b203ebb6b21f97d9ba1ef49ec4625e96", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "0630b3748ba3c221a4ac8b632d2fccd6", "key": "modified"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "3db45f92a6a8c8e041262818be1844b9", "key": "title"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0362", "id": "CVE-2007-0362", "lastseen": "2016-09-03T08:18:23", "modified": "2011-03-07T21:49:22", "objectVersion": "1.2", "published": "2007-01-18T20:28:00", "references": ["http://manual.freshreader.com/archives/2007/01/20070118_javasc.html", "http://www.securityfocus.com/bid/22106", "http://jvn.jp/jp/JVN%2395249468/index.html", "http://www.vupen.com/english/advisories/2007/0241", "http://xforce.iss.net/xforce/xfdb/31566"], "reporter": "NVD", "scanner": [], "title": "CVE-2007-0362", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T08:18:23"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "b6f49b331ad0aa0aef1a2b819f74ae8e"}, {"key": "cvelist", "hash": "b6552756f1f556ca66fb9750d26fe34a"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "b203ebb6b21f97d9ba1ef49ec4625e96"}, {"key": "href", "hash": "ffadb46fa2763300f347ff43978358f8"}, {"key": "modified", "hash": "b74e5a7029df3ba84a2d268222429a8a"}, {"key": "published", "hash": "49c32f9ecd224583a88886241c436d05"}, {"key": "references", "hash": "9b3a7002f6ca161d5328f5ed6f77159c"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "3db45f92a6a8c8e041262818be1844b9"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "805b8a24057d4d8d2d0d34464f1982f0278f6323e76a4caee80619bb6c2c05e6", "viewCount": 0, "enchantments": {"score": {"value": 4.3, "vector": "NONE", "modified": "2017-07-29T11:21:49"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:32923"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7151"]}], "modified": "2017-07-29T11:21:49"}, "vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:freshreader:freshreader"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"osvdb": [{"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://manual.freshreader.com/archives/2007/01/20070118_javasc.html\n[Secunia Advisory ID:23806](https://secuniaresearch.flexerasoftware.com/advisories/23806/)\nOther Advisory URL: http://jvn.jp/jp/JVN%2395249468/index.html\nISS X-Force ID: 31566\nFrSIRT Advisory: ADV-2007-0241\n[CVE-2007-0362](https://vulners.com/cve/CVE-2007-0362)\nBugtraq ID: 22106\n", "modified": "2007-01-18T05:33:47", "published": "2007-01-18T05:33:47", "href": "https://vulners.com/osvdb/OSVDB:32923", "id": "OSVDB:32923", "title": "FreshReader RSS Feed Tag Attribute XSS", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:23", "bulletinFamily": "software", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "modified": "2007-02-02T00:00:00", "published": "2007-02-02T00:00:00", "id": "SECURITYVULNS:VULN:7151", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7151", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}