Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5280

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5280
Last Modified 15 Nov 2008 02:00:28
Published 08 Oct 2007 08:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5280

Summary

Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in AppFuse before 2.0 Final allow remote attackers to inject arbitrary web script or HTML via unspecified input that is recorded in (1) success or (2) error messages.

Vulnerable Systems

Application

  • Appfuse 2.0-rc1


References

SECUNIA - 27041

BID - 25927

OSVDB - 37423

CONFIRM - http://issues.appfuse.org/browse/APF-880

CONFIRM - http://appfuse.org/display/APF/Release+Notes+2.0


Last Updated: 27 May 2016 10:46:08