Lucene search
HistoryFeb 07, 2007 - 11:28 a.m.
CVE-2007-0817
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
86.8%
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web server allows remote attackers to inject arbitrary HTML or web script via the User-Agent HTTP header, which is not sanitized before being displayed in an error page.
Affected configurations
Node
adobecoldfusionMatch6.1
ORadobecoldfusionMatch7.0.1
ORadobecoldfusionMatch7.0.2
Related
prion
prion
Cross site scripting
2007-02-07 11:28:00
cvelist
cvelist
CVE-2007-0817
2007-02-07 11:00:00
cve
cve
CVE-2007-0817
2007-02-07 11:28:00
securityvulns
securityvulns
ColdFusion crossite scripting
2007-02-05 00:00:00
nessus
nessus
ColdFusion Web Server User-Agent HTTP Header Error Message XSS
2007-02-06 00:00:00
jvn
jvn
JVN#48566866 ColdFusion error page cross-site scripting vulnerability
2007-02-14 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
86.8%
Related for NVD:CVE-2007-0817