Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5426

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5426
Last Modified 15 Nov 2008 02:00:55
Published 12 Oct 2007 07:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5426

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ActiveKB NX 2.5.4 allow remote attackers to inject arbitrary web script or HTML via the page parameter to the default URI for some directories, as demonstrated by (1) ActiveKB/ and (2) default/categories/ActiveKB/.

Vulnerable Systems

Application

  • Interspire Activekb Nx 2.5.4


References

XF - activekbnx-page-xss(37066)

BUGTRAQ - 20071010 Vulnerabilities digest

MISC - http://securityvulns.ru/Rdocument956.html

OSVDB - 37661

BID - 26027

SREASON - 3216

SECUNIA - 27194


Last Updated: 27 May 2016 10:46:10