Lucene search

[email protected]CVE-2007-5993

HistoryNov 15, 2007 - 10:46 p.m.

CVE-2007-5993

2007-11-1522:46:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2007-5993

xss

vtls

web gateway

security vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.8%

JSON

Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.web.gateway before 48.1.1 allows remote attackers to inject arbitrary web script or HTML via the searchtype parameter.

Affected configurations

NVD

Node

vtlsvtls.web.gatewayRange≤48.1

CPENameOperatorVersion
vtls:vtls.web.gatewayvtls vtls.web.gatewayle48.1

CPE	Name	Operator	Version
vtls:vtls.web.gateway	vtls vtls.web.gateway	le	48.1

References

osvdb.org/38708

secunia.com/advisories/27661

securityreason.com/securityalert/3369

www.securityfocus.com/archive/1/483622/100/0/threaded

www.securityfocus.com/bid/26419

exchange.xforce.ibmcloud.com/vulnerabilities/38444

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.8%

JSON

Related for CVE-2007-5993

nvd1 prion1 cvelist1