2 matches found
CVE-2007-6001
Multiple cross-site scripting XSS vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 func or 2 date parameter, or the jid parameter in a 3 log or 4 user action, a different vulnerability than CVE-2007-3910...
CVE-2007-6001
CVE-2007-6001 concerns Bandersnatch 0.4. The connected documents confirm multiple cross-site scripting (XSS) vulnerabilities in index.php, exploitable via parameters (func, date, jid) in actions (log, user). Root cause is improper handling of user-supplied input leading to script/HTML injection. ...