Lucene search

[email protected]NVD:CVE-2007-2060

HistoryApr 18, 2007 - 3:19 a.m.

CVE-2007-2060

2007-04-1803:19:00

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

0.038

Percentile

91.9%

JSON

Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.

Affected configurations

Nvd

Node

wizz_computerswizz_rss_readerRange≤2.1.8

VendorProductVersionCPE
wizz_computerswizz_rss_reader*cpe:2.3:a:wizz_computers:wizz_rss_reader:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wizz_computers	wizz_rss_reader	*	cpe:2.3:a:wizz_computers:wizz_rss_reader::::::::

References

osvdb.org/34534

secunia.com/advisories/24913

wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/

www.kb.cert.org/vuls/id/319464

www.kb.cert.org/vuls/id/MIMG-6ZKP4T

www.securityfocus.com/bid/23523

www.vupen.com/english/advisories/2007/1425

addons.mozilla.org/en-US/firefox/addon/424

exchange.xforce.ibmcloud.com/vulnerabilities/33693

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

High

EPSS

0.038

Percentile

91.9%

JSON

Related for NVD:CVE-2007-2060

securityvulns1 prion1 cvelist1 cve1