CVE-2007-3653

2008-07-0900:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

54.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script (aka FaScript) FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) key or (2) desc parameter to index.php, or (3) the name parameter to page.php.

References

descriptions.securescout.com/tc/17973

www.netvigilance.com/advisory0043

exchange.xforce.ibmcloud.com/vulnerabilities/43502