Lucene search

K
cve[email protected]CVE-2007-2265
HistoryApr 25, 2007 - 8:19 p.m.

CVE-2007-2265

2007-04-2520:19:00
web.nvd.nist.gov
22
security
vulnerability
xss
ya book
0.98-alpha
index.php

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.5%

Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows remote attackers to inject arbitrary web script or HTML via the City field in a sign action in index.php.

Affected configurations

NVD
Node
phpeeya_bookMatch0.98_alpha
CPENameOperatorVersion
phpee:ya_bookphpee ya bookeq0.98_alpha

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.5%

Related for CVE-2007-2265