Lucene search

[email protected]NVD:CVE-2007-4713

HistorySep 05, 2007 - 7:17 p.m.

CVE-2007-4713

2007-09-0519:17:00

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.007

Percentile

80.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote attackers to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters.

Affected configurations

Nvd

Node

roi_revolutionurchinMatch5.6.00r2

VendorProductVersionCPE
roi_revolutionurchin5.6.00r2cpe:2.3:a:roi_revolution:urchin:5.6.00r2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
roi_revolution	urchin	5.6.00r2	cpe:2.3:a:roi_revolution:urchin:5.6.00r2:::::::*

References

osvdb.org/36807

pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html

secunia.com/advisories/26682

www.securityfocus.com/bid/25530

www.vupen.com/english/advisories/2007/3085

exchange.xforce.ibmcloud.com/vulnerabilities/36401

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.007

Percentile

80.2%

JSON

Related for NVD:CVE-2007-4713

cve2 prion2 cvelist2 nvd1