ID OSVDB:36813
Type osvdb
Reporter OSVDB
Modified 2007-06-12T00:00:00
Description
Manual Testing Notes
http://[target]/?text=%3Cscript%3Ealert(document.cookie)%3C/script%3E
References:
Other Advisory URL: http://websecurity.com.ua/1038/
CVE-2007-3486
{"bulletinFamily": "software", "viewCount": 1, "reporter": "OSVDB", "references": [], "description": "## Manual Testing Notes\nhttp://[target]/?text=%3Cscript%3Ealert(document.cookie)%3C/script%3E\n## References:\nOther Advisory URL: http://websecurity.com.ua/1038/\n[CVE-2007-3486](https://vulners.com/cve/CVE-2007-3486)\n", "affectedSoftware": [], "href": "https://vulners.com/osvdb/OSVDB:36813", "modified": "2007-06-12T00:00:00", "enchantments": {"score": {"value": 5.5, "vector": "NONE", "modified": "2017-04-28T13:20:32", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-3486"]}], "modified": "2017-04-28T13:20:32", "rev": 2}, "vulnersScore": 5.5}, "id": "OSVDB:36813", "title": "AltaVista Search Engine URI text Variable XSS", "edition": 1, "published": "2007-06-12T00:00:00", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "cvelist": ["CVE-2007-3486"], "lastseen": "2017-04-28T13:20:32"}
{"cve": [{"lastseen": "2020-10-03T11:45:52", "description": "Cross-site scripting (XSS) vulnerability in AltaVista search engine allows remote attackers to inject arbitrary web script or HTML via the text parameter to the default URI.", "edition": 3, "cvss3": {}, "published": "2007-06-28T20:30:00", "title": "CVE-2007-3486", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3486"], "modified": "2008-11-15T06:52:00", "cpe": ["cpe:/a:altavista:search_engine:*"], "id": "CVE-2007-3486", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3486", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:altavista:search_engine:*:*:*:*:*:*:*:*"]}]}
