Lucene search

PRIOn knowledge basePRION:CVE-2007-0973

HistoryFeb 16, 2007 - 1:28 a.m.

Cross site scripting

2007-02-1601:28:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.062 Low

EPSS

Percentile

93.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers, which are displayed without proper sanitization when an administrator performs a Logged Guest action.

CPENameOperatorVersion
jupiter_cmseq1.1.5

CPE	Name	Operator	Version
	jupiter_cms	eq	1.1.5

References

mgsdl.free.fr/advisories/12070214.txt

osvdb.org/33729

www.acid-root.new.fr/advisories/12070214.txt

www.securityfocus.com/archive/1/460076/100/0/threaded

www.securityfocus.com/archive/1/460100/100/0/threaded

www.securityfocus.com/bid/22560

exchange.xforce.ibmcloud.com/vulnerabilities/32518

6 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.062 Low

EPSS

Percentile

93.4%

JSON

Related for PRION:CVE-2007-0973