Lucene search

MitreCVE-2007-4713

HistorySep 05, 2007 - 7:17 p.m.

CVE-2007-4713

2007-09-0519:17:00

CWE-79

mitre

web.nvd.nist.gov

cve-2007-4713

cross-site scripting

xss

urchin

vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.007

Percentile

80.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote attackers to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters.

Affected configurations

Nvd

Node

roi_revolutionurchinMatch5.6.00r2

VendorProductVersionCPE
roi_revolutionurchin5.6.00r2cpe:2.3:a:roi_revolution:urchin:5.6.00r2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
roi_revolution	urchin	5.6.00r2	cpe:2.3:a:roi_revolution:urchin:5.6.00r2:::::::*

References

osvdb.org/36807

pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html

secunia.com/advisories/26682

www.securityfocus.com/bid/25530

www.vupen.com/english/advisories/2007/3085

exchange.xforce.ibmcloud.com/vulnerabilities/36401

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.007

Percentile

80.2%

JSON

Related for CVE-2007-4713