CVE-2007-6001

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid parameter in a (3) log or (4) user action, a different vulnerability than CVE-2007-3910.
Configurations

Configuration 1 (hide)

cpe:2.3:a:bandersnatch:bandersnatch:0.4:*:*:*:*:*:*:*

History

21 Nov 2024, 00:39

Type Values Removed Values Added
References () http://www.portcullis-security.com/180.php - () http://www.portcullis-security.com/180.php -
References () http://www.securityfocus.com/bid/26553 - () http://www.securityfocus.com/bid/26553 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/38360 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/38360 -

Information

Published : 2007-11-15 22:46

Updated : 2024-11-21 00:39


NVD link : CVE-2007-6001

Mitre link : CVE-2007-6001

CVE.ORG link : CVE-2007-6001


JSON object : View

Products Affected

bandersnatch

  • bandersnatch
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')