Lucene search
HistoryMar 02, 2007 - 10:19 p.m.
CVE-2007-1229
cve-2007-1229
cross-site scripting
xss
vulnerability
nullsoft shoutcastserver
nvd
security
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.816 High
EPSS
Percentile
98.4%
Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote attackers to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when viewing the log file.
Affected configurations
Node
nullsoftshoutcast_serverMatch1.9.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| nullsoft:shoutcast_server | nullsoft shoutcast server | eq | 1.9.7 |
Related
prion
prion
Cross site scripting
2007-03-02 22:19:00
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2007-1229
2007-03-02 22:00:00
nvd
nvd
CVE-2007-1229
2007-03-02 22:19:00
securityvulns
securityvulns
Nullsoft Shoutcast Server crossite scripting
2007-02-28 00:00:00
5.6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.816 High
EPSS
Percentile
98.4%
Related for CVE-2007-1229