CVE-2007-0175

Опубликовано: 11 янв. 2007

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter.

Релиз	Статус	Примечание
dapper	ignored	end of life
devel	DNE
edgy	ignored	end of life, was needed
feisty	ignored	end of life, was needed
gutsy	released	0.9.2-4
hardy	DNE
intrepid	not-affected	2.4.2-1
jaunty	not-affected	2.4.2-1
karmic	not-affected	2.4.2-1
upstream	needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2007-0175

EPSS

Процентиль: 65%

0.00507

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2007-0175

nvd

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter.

CVE-2007-0175

debian

больше 18 лет назад

Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolu ...

GHSA-c6qv-jf35-wmfp

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter.

EPSS

Процентиль: 65%

0.00507

Низкий

4.3 Medium

CVSS2

CVE-2007-0175

Описание

Пакет b2evolution

Ссылки на источники

Связанные уязвимости