CVE-2007-5577

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Section Name form fields in the Section Manager component, or (3) multiple unspecified fields in New Menu Item.

Reference

http://www.joomla.org/content/view/3677/1/
http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=5654
http://www.joomla.org/content/view/3670/78/
http://www.securityfocus.com/bid/24663
http://secunia.com/advisories/25804
http://osvdb.org/37173
https://exchange.xforce.ibmcloud.com/vulnerabilities/35119

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

01-10-2021 - 15:03

Objavljeno

18-10-2007 - 21:17