CVE-2007-4245

Опубликовано: 08 авг. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Search.php in DiMeMa CONTENTdm (CDM) allows remote attackers to inject arbitrary web script or HTML via a search, probably related to the CISOBOX1 parameter to results.php in CDM 4.2.

Ссылки

http://osvdb.org/36437
http://secunia.com/advisories/26324
http://securityreason.com/securityalert/2980
http://www.securityfocus.com/archive/1/475543/100/0/threaded
http://www.securityfocus.com/bid/25199
https://exchange.xforce.ibmcloud.com/vulnerabilities/35809
http://osvdb.org/36437
http://secunia.com/advisories/26324
http://securityreason.com/securityalert/2980
http://www.securityfocus.com/archive/1/475543/100/0/threaded
http://www.securityfocus.com/bid/25199
https://exchange.xforce.ibmcloud.com/vulnerabilities/35809

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dimema:contentdm:*:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00508

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-2fgq-wq42-4xxq

github

почти 4 года назад