ID CVE-2007-2610 Type cve Reporter cve@mitre.org Modified 2017-07-29T01:31:00
Description
Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and 1.1-modified before 1.1-modified3, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the Search feature, possibly the term parameter.
{"osvdb": [{"lastseen": "2017-04-28T13:20:32", "bulletinFamily": "software", "cvelist": ["CVE-2007-2610"], "description": "## Solution Description\nUpgrade to version 1.1-modified3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=507099\nVendor Specific News/Changelog Entry: http://www.openld.com/forum/viewtopic.php?id=217\nVendor Specific News/Changelog Entry: http://www.openld.com/forum/viewtopic.php?id=216\n[Secunia Advisory ID:25168](https://secuniaresearch.flexerasoftware.com/advisories/25168/)\nFrSIRT Advisory: ADV-2007-1730\n[CVE-2007-2610](https://vulners.com/cve/CVE-2007-2610)\nBugtraq ID: 23896\n", "edition": 1, "modified": "2007-05-09T10:03:24", "published": "2007-05-09T10:03:24", "href": "https://vulners.com/osvdb/OSVDB:35871", "id": "OSVDB:35871", "title": "OpenLD Search Feature Unspecified XSS", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}