CVE-2007-3291

2007-06-2021:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.1%

JSON

Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php.

References

osvdb.org/37491

secunia.com/advisories/25744

www.securityfocus.com/bid/24580

exchange.xforce.ibmcloud.com/vulnerabilities/35148

www.exploit-db.com/exploits/4082