Lucene search
HistoryFeb 08, 2007 - 2:28 a.m.
CVE-2007-0840
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.4 Medium
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.7%
Cross-site scripting (XSS) vulnerability in HLstats before 1.35 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the search class. NOTE: it is possible that this issue overlaps CVE-2006-4543.3 or CVE-2006-4454.
Affected configurations
Node
hlstatshlstatsMatch1.34
Related
cvelist
cvelist
prion
prion
Cross site scripting
2007-02-08 02:28:00
Cross site scripting
2007-05-24 18:30:00
cve
cve
securityvulns
securityvulns
nvd
nvd
freebsd
freebsd
hlstats -- multiple cross site scripting vulnerabilities
2006-08-29 00:00:00
openvas
openvas
FreeBSD Ports: hlstats
2008-09-04 00:00:00
FreeBSD Ports: hlstats
2008-09-04 00:00:00
nessus
nessus
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
5.4 Medium
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.7%
Related for NVD:CVE-2007-0840