exploitDog

CVE-2007-1132

Опубликовано: 27 фев. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) message and (2) title fields.

Ссылки

http://osvdb.org/37443
http://www.securityfocus.com/archive/1/461330/100/100/threaded
http://www.securityfocus.com/bid/22690
Vendor Advisory
http://www.vupen.com/english/advisories/2007/0755
Vendor Advisory
http://osvdb.org/37443
http://www.securityfocus.com/archive/1/461330/100/100/threaded
http://www.securityfocus.com/bid/22690
Vendor Advisory
http://www.vupen.com/english/advisories/2007/0755
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mtcms:mtcms:2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00362

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-34qf-2gp8-q45p

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) message and (2) title fields.

EPSS

Процентиль: 58%

0.00362

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79