CVE-2007-6295

Sažetak

Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center template in IBM Lotus Sametime before 8.0 allows remote attackers to inject arbitrary web script or HTML via the URI.

Reference

http://osvdb.org/39258
http://secunia.com/advisories/27941
http://www.securityfocus.com/bid/26734
http://www.securitytracker.com/id?1019053
http://www.vupen.com/english/advisories/2007/4104
http://www-1.ibm.com/support/docview.wss?uid=sim5079c9d76e4fcf910852573a800495249
https://exchange.xforce.ibmcloud.com/vulnerabilities/38891

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

08-08-2017 - 01:29

Objavljeno

10-12-2007 - 18:46