PRIOn knowledge basePRION:CVE-2007-3973Cross site scripting
6.1 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.021 Low
EPSS
Percentile
88.9%
Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, or the (2) search parameter or (3) theme cookie to (b) recherche.php.
References
osvdb.org/38557
osvdb.org/38558
secunia.com/advisories/26165
securityreason.com/securityalert/2919
www.securityfocus.com/archive/1/474320/100/0/threaded
www.securityfocus.com/bid/24991
www.vupen.com/english/advisories/2007/2611
exchange.xforce.ibmcloud.com/vulnerabilities/35551
exchange.xforce.ibmcloud.com/vulnerabilities/35556
www.exploit-db.com/exploits/4211
6.1 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.021 Low
EPSS
Percentile
88.9%