CVE-2007-3288

Sažetak

Cross-site scripting (XSS) vulnerability in the skeltoac stats (Automattic Stats) 1.0 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer field.

Reference

http://osvdb.org/38472
http://securityreason.com/securityalert/2826
http://www.securityfocus.com/archive/1/471734/100/0/threaded
http://www.securityfocus.com/bid/24551
https://exchange.xforce.ibmcloud.com/vulnerabilities/34934

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

16-10-2018 - 16:48

Objavljeno

20-06-2007 - 21:30