Lucene search

[email protected]CVE-2007-3364

HistoryJun 22, 2007 - 6:30 p.m.

CVE-2007-3364

2007-06-2218:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3364

cross-site scripting

xss

myserver 0.8.9

nvd

security vulnerability

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

77.0%

JSON

Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi sample page in MyServer 0.8.9 allows remote attackers to inject arbitrary web script or HTML via the body content.

CPENameOperatorVersion
myserver:myservermyservereq0.8.9

CPE	Name	Operator	Version
myserver:myserver	myserver	eq	0.8.9

References

osvdb.org/36340

osvdb.org/37506

securityreason.com/securityalert/2823

www.securityfocus.com/archive/1/471915/100/0/threaded

www.securityfocus.com/bid/24583

exchange.xforce.ibmcloud.com/vulnerabilities/34975

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for CVE-2007-3364

prion1