Lucene search

[email protected]CVE-2007-5834

HistoryNov 05, 2007 - 7:46 p.m.

CVE-2007-5834

2007-11-0519:46:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2007-5834

cross-site scripting

xss

bosdev bosnews 4

vulnerability

web script

html

nvd

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.4%

JSON

Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a news post.

CPENameOperatorVersion
bosdev:bosnewsbosdev bosnewseq4

CPE	Name	Operator	Version
bosdev:bosnews	bosdev bosnews	eq	4

References

osvdb.org/39062

securityreason.com/securityalert/3343

www.securityfocus.com/archive/1/482732/100/0/threaded

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.4%

JSON

Related for CVE-2007-5834

prion1