CVE-2007-3213

Опубликовано: 14 июн. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) view and (2) mode parameters.

Ссылки

http://osvdb.org/36384
http://pridels-team.blogspot.com/2007/06/sporum-forum-xss-vuln.html
http://secunia.com/advisories/25617
Vendor Advisory
http://www.securityfocus.com/bid/24439
http://www.vupen.com/english/advisories/2007/2147
https://exchange.xforce.ibmcloud.com/vulnerabilities/34829
http://osvdb.org/36384
http://pridels-team.blogspot.com/2007/06/sporum-forum-xss-vuln.html
http://secunia.com/advisories/25617
Vendor Advisory
http://www.securityfocus.com/bid/24439
http://www.vupen.com/english/advisories/2007/2147
https://exchange.xforce.ibmcloud.com/vulnerabilities/34829

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sporum_forum:sporum_forum:*:*:*:*:*:*:*:*

Версия до 3.0.9 (включая)

EPSS

Процентиль: 66%

0.00507

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-gm69-6gh3-7539

github

почти 4 года назад