CVE-2007-1768

2007-03-30T01:19:00
ID CVE-2007-1768
Type cve
Reporter cve@mitre.org
Modified 2018-10-16T16:40:00

Description

Cross-site scripting (XSS) vulnerability in app/helpers/application_helper.rb in Mephisto 0.7.3 and Mephisto Edge 20070325 allows remote attackers to inject arbitrary web script or HTML via the author name field in a comment.