Lucene search

K
cve[email protected]CVE-2007-0660
HistoryFeb 01, 2007 - 10:28 p.m.

CVE-2007-0660

2007-02-0122:28:00
web.nvd.nist.gov
27
cve-2007-0660
cross-site scripting
xss
dotnetnuke
iframe module

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

Cross-site scripting (XSS) vulnerability in the IFrame module before 03.02.01 for DotNetNuke (DNN) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to “Pass through values.”

Affected configurations

NVD
Node
dotnetnukedotnetnuke_iframeRange03.01.01
OR
dotnetnukedotnetnuke_iframeMatch03.02.00

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%