CVE-2007-2907

2007-05-3010:00:00

mitre

www.cve.org

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.5%

JSON

Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter redirect URLs containing (1) JavaScript or (2) HTTP headers via an unspecified vector, possibly the forwardTo parameter to redirect.do. NOTE: the impact might be cross-site scripting (XSS) or HTTP request smuggling.

References

osvdb.org/36913

osvdb.org/36915

secunia.com/advisories/25512

sourceforge.net/forum/forum.php?forum_id=690648

www.securityfocus.com/bid/24319

www.vupen.com/english/advisories/2007/2057