Vulnerabilities (CVE)

Filtered by vendor The Seasar Foundation Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4595 1 The Seasar Foundation 1 Mayaa 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving (1) lack of charset specification within a META element or (2) a META element that specifies an unrecognized charset, which trigger automatic character set recognition by the web browser, as demonstrated by improper handling of UTF-7 data.
CVE-2007-4587 1 The Seasar Foundation 1 Escafeweb 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Easy Software Cafeteria escafeWeb (aka Tuigwaa) 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the setting of option.nopage.create in tuigwaa.properties.