Lucene search

[email protected]CVE-2007-3213

HistoryJun 14, 2007 - 10:30 p.m.

CVE-2007-3213

2007-06-1422:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3213

cross-site scripting

xss

sporum forum 3.0.9

security vulnerabilities

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) view and (2) mode parameters.

Affected configurations

NVD

Node

sporum_forumsporum_forumRange≤3.0.9

CPENameOperatorVersion
sporum_forum:sporum_forumsporum forumle3.0.9

CPE	Name	Operator	Version
sporum_forum:sporum_forum	sporum forum	le	3.0.9

References

osvdb.org/36384

pridels-team.blogspot.com/2007/06/sporum-forum-xss-vuln.html

secunia.com/advisories/25617

www.securityfocus.com/bid/24439

www.vupen.com/english/advisories/2007/2147

exchange.xforce.ibmcloud.com/vulnerabilities/34829

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

JSON

Related for CVE-2007-3213

cvelist1 nvd1 prion1