CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-0384

Cross-site scripting (XSS) vulnerability in preview in the reviews section in PostNuke 0.764 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.2%

CVSS Severity

CVSS v2 Score 5.1

References

http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
http://noc.postnuke.com/plugins/scmsvn/viewcvs.php/trunk/Historic/PostNuke7x/html/modules/?root=postnuke
http://osvdb.org/35473
http://www.hackers.ir/advisories/festival.txt
http://www.securityfocus.com/bid/22119
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
http://noc.postnuke.com/plugins/scmsvn/viewcvs.php/trunk/Historic/PostNuke7x/html/modules/?root=postnuke
http://osvdb.org/35473
http://www.hackers.ir/advisories/festival.txt
http://www.securityfocus.com/bid/22119

Products affected by CVE-2007-0384

Postnuke Software Foundation » Postnuke » Version: 0.764

cpe:2.3:a:postnuke_software_foundation:postnuke:0.764

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0384

Products

Pricing

Contact Us