CVE-2007-3291

Sažetak

Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php.

Reference

http://osvdb.org/37491
http://secunia.com/advisories/25744
http://www.securityfocus.com/bid/24580
https://exchange.xforce.ibmcloud.com/vulnerabilities/35148
https://www.exploit-db.com/exploits/4082

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

11-10-2017 - 01:32

Objavljeno

20-06-2007 - 21:30