Lucene search

[email protected]CVE-2007-4301

HistoryAug 13, 2007 - 7:17 p.m.

CVE-2007-4301

2007-08-1319:17:00

[email protected]

web.nvd.nist.gov

cve

2007

4301

cross-site scripting

xss

webcart

management interface

remote attackers

web script

html

vulnerabilities

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

webcartwebcartMatch2.20

webcartwebcartMatch2.25

CPENameOperatorVersion
webcart:webcartwebcarteq2.20
webcart:webcartwebcarteq2.25

CPE	Name	Operator	Version
webcart:webcart	webcart	eq	2.20
webcart:webcart	webcart	eq	2.25

References

jvn.jp/jp/JVN%2366303599/index.html

osvdb.org/36441

secunia.com/advisories/26382

www.cgis.biz/script_web_cart/notice200708.html

www.securityfocus.com/bid/25261

www.securitytracker.com/id?1018554

exchange.xforce.ibmcloud.com/vulnerabilities/35946

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

Related for CVE-2007-4301

prion1 cvelist1 nvd1