Lucene search
HistoryMar 26, 2007 - 11:19 p.m.
CVE-2007-1678
xss
vulnerability
fizzle 0.5
firefox
rss feeds
uri handler
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.5%
Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler.
Affected configurations
Node
fizzlefizzleMatch0.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| fizzle:fizzle | fizzle | eq | 0.5 |
Related
securityvulns
securityvulns
Mozilla Fizzle addon crossite access
2007-03-25 00:00:00
prion
prion
Cross site scripting
2007-03-26 23:19:00
cvelist
cvelist
CVE-2007-1678
2007-03-26 23:00:00
nvd
nvd
CVE-2007-1678
2007-03-26 23:19:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.5%
Related for CVE-2007-1678