Lucene search
Ubuntu.comUB:CVE-2007-3918HistoryOct 05, 2007 - 12:00 a.m.
CVE-2007-3918
2007-10-0500:00:00
ubuntu.com
ubuntu.com
8
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
66.4%
Cross-site scripting (XSS) vulnerability in account/verify.php in GForge
4.6b2 allows remote attackers to inject arbitrary web script or HTML via
the confirm_hash parameter.
Notes
| Author | Note |
|---|---|
| kees | sarge:3.1-31sarge3 etch:4.5.14-22etch2 sid:4.6.99+svn6094-1 |
Related
cvelist
cvelist
CVE-2007-3918
2007-10-05 22:00:00
cve
cve
CVE-2007-3918
2007-10-05 22:17:00
openvas
openvas
Debian Security Advisory DSA 1383-1 (gforge)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1383-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1383-1] New gforge packages fix cross-site scripting
2007-10-04 22:22:52
prion
prion
Cross site scripting
2007-10-05 22:17:00
nessus
nessus
Debian DSA-1383-1 : gforge - XSS
2007-10-09 00:00:00
GForge account/verify.php confirm_hash Parameter XSS
2007-10-08 00:00:00
osv
osv
gforge - cross-site scripting
2007-10-04 00:00:00
nvd
nvd
CVE-2007-3918
2007-10-05 22:17:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
66.4%
Related for UB:CVE-2007-3918