CVE-2007-2702

Опубликовано: 16 мая 2007

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the rich text editor.

Ссылки

http://dev2dev.bea.com/pub/advisory/235
Patch
Vendor Advisory
http://osvdb.org/36066
http://secunia.com/advisories/25284
Vendor Advisory
http://www.securitytracker.com/id?1018060
http://www.vupen.com/english/advisories/2007/1815
https://exchange.xforce.ibmcloud.com/vulnerabilities/34283
http://dev2dev.bea.com/pub/advisory/235
Patch
Vendor Advisory
http://osvdb.org/36066
http://secunia.com/advisories/25284
Vendor Advisory
http://www.securitytracker.com/id?1018060
http://www.vupen.com/english/advisories/2007/1815
https://exchange.xforce.ibmcloud.com/vulnerabilities/34283

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:weblogic_portal:9.2:ga:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00623

Низкий

3.5 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-47jj-pq3c-8pjm

github

почти 4 года назад