Lucene search

PRIOn knowledge basePRION:CVE-2007-1872

HistoryApr 13, 2007 - 6:19 p.m.

Cross site scripting

2007-04-1318:19:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

80.9%

JSON

Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search id.

CPENameOperatorVersion
toendacmseq1.5.3

CPE	Name	Operator	Version
	toendacms	eq	1.5.3

References

int21.de/cve/CVE-2007-1872-toendacms.txt

osvdb.org/34898

secunia.com/advisories/24869

securityreason.com/securityalert/2568

www.securityfocus.com/archive/1/465487/100/0/threaded

www.securityfocus.com/bid/23453

www.vupen.com/english/advisories/2007/1372

exchange.xforce.ibmcloud.com/vulnerabilities/33622

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

80.9%

JSON

Related for PRION:CVE-2007-1872