Vulnerability Details CVE-2007-1177
WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string, (2) Profiles, (3) the Forum Post icon field, (4) the Edit Profile, and (5) the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting (XSS).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.9%
CVSS Severity
CVSS v2 Score 5.8
References
- http://osvdb.org/33277
- http://osvdb.org/33283
- http://osvdb.org/33286
- http://osvdb.org/33287
- http://secunia.com/advisories/24080
- http://www.securityfocus.com/bid/22563
- http://www.vupen.com/english/advisories/2007/0604
- http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250
- http://osvdb.org/33277
- http://osvdb.org/33283
- http://osvdb.org/33286
- http://osvdb.org/33287
- http://secunia.com/advisories/24080
- http://www.securityfocus.com/bid/22563
- http://www.vupen.com/english/advisories/2007/0604
- http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250
Products affected by CVE-2007-1177
-
cpe:2.3:a:web-app.org:webapp:0.9.9
-
cpe:2.3:a:web-app.org:webapp:0.9.9.1
-
cpe:2.3:a:web-app.org:webapp:0.9.9.2
-
cpe:2.3:a:web-app.org:webapp:0.9.9.2.1
-
cpe:2.3:a:web-app.org:webapp:0.9.9.3
-
cpe:2.3:a:web-app.org:webapp:0.9.9.3.1
-
cpe:2.3:a:web-app.org:webapp:0.9.9.3.2
-
cpe:2.3:a:web-app.org:webapp:0.9.9.4