CVE-2007-3694

Опубликовано: 14 нояб. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

Ссылки

http://securityreason.com/securityalert/3363
http://www.int21.de/cve/CVE-2007-3694-bm.html
http://www.securityfocus.com/archive/1/483575/100/0/threaded
http://www.securityfocus.com/bid/26407
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/38418
http://securityreason.com/securityalert/3363
http://www.int21.de/cve/CVE-2007-3694-bm.html
http://www.securityfocus.com/archive/1/483575/100/0/threaded
http://www.securityfocus.com/bid/26407
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/38418

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:getmiro:broadcast_machine:0.9.9.9:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01599

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-q534-gvjc-fpgw

github

почти 4 года назад