Lucene search
HistoryMay 22, 2007 - 7:30 p.m.
CVE-2007-2808
cve
2007
2808
cross-site scripting
xss
vulnerability
gnatsweb
gnatsweb 4.00
gnats 4.1.99
remote attackers
web script
html
database parameter
nvd
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.7%
Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gnu:gnats | gnu gnats | eq | 4.1.99 |
| yngve_svendsen:gnatsweb | yngve svendsen gnatsweb | eq | 4.00 |
Related
openvas
openvas
Debian Security Advisory DSA 1486-1 (gnatsweb)
2008-02-05 00:00:00
Debian: Security Advisory (DSA-1486-1)
2008-02-05 00:00:00
osv
osv
gnatsweb - cross-site scripting
2008-02-04 00:00:00
ubuntucve
ubuntucve
CVE-2007-2808
2007-05-22 00:00:00
prion
prion
Cross site scripting
2007-05-22 19:30:00
debian
debian
[SECURITY] [DSA 1486-1] New gnatsweb packages fix cross-site scripting
2008-02-05 17:09:37
nessus
nessus
Debian DSA-1486-1 : gnatsweb - XSS
2008-02-05 00:00:00
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.7%
Related for CVE-2007-2808