Lucene search
HistoryJun 12, 2007 - 11:30 p.m.
CVE-2007-3202
cve-2007-3202
cross-site scripting
xss
webwiz
vulnerability
rich text editor
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
67.9%
Cross-site scripting (XSS) vulnerability in the rich text editor in Webwiz allows remote attackers to inject arbitrary web script or HTML via URL-encoded HTML composed of a frameset in which a frame has a SRC attribute pointing to a JavaScript document.
Affected configurations
Node
bruce_corkhillweb_wiz_rich_text_editorMatch3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| bruce_corkhill:web_wiz_rich_text_editor | bruce corkhill web wiz rich text editor | eq | 3.1 |
Related
prion
prion
Cross site scripting
2007-06-12 23:30:00
cvelist
cvelist
CVE-2007-3202
2007-06-12 23:00:00
nvd
nvd
CVE-2007-3202
2007-06-12 23:30:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
67.9%
Related for CVE-2007-3202