CVE-2007-4146
CVE-2007-4146 describes a cross-site scripting (XSS) vulnerability in the WebEvent product’s webevent.cgi script, affecting versions 2.61 through 4.03. The flaw permits remote attackers to inject arbitrary web script or HTML via the cmd parameter. The description does not specify exploit details ...