CVE-2007-1358 - CERT CVE
ID CVE-2007-1358
Sažetak Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
Reference
CVSS
Base: 2.6
Impact: 2.9
Exploitability:4.9
Pristup
VektorSloženostAutentikacija
NETWORK HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:H/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje 07-11-2023 - 02:00
Objavljeno 10-05-2007 - 00:19