CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-3822

Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.071

EPSS Ranking 91.0%

CVSS Severity

CVSS v2 Score 2.6

References

http://osvdb.org/38176
http://osvdb.org/38177
http://osvdb.org/38178
http://osvdb.org/38179
http://osvdb.org/38180
http://secunia.com/advisories/26090
http://securityreason.com/securityalert/2890
http://www.securityfocus.com/archive/1/473714/100/0/threaded
http://www.securityfocus.com/bid/24913
https://exchange.xforce.ibmcloud.com/vulnerabilities/35433
http://osvdb.org/38176
http://osvdb.org/38177
http://osvdb.org/38178
http://osvdb.org/38179
http://osvdb.org/38180
http://secunia.com/advisories/26090
http://securityreason.com/securityalert/2890
http://www.securityfocus.com/archive/1/473714/100/0/threaded
http://www.securityfocus.com/bid/24913
https://exchange.xforce.ibmcloud.com/vulnerabilities/35433

Products affected by CVE-2007-3822

Citadel » Webcit » Version: N/A

cpe:2.3:a:citadel:webcit:-
Citadel » Webcit » Version: 7.10

cpe:2.3:a:citadel:webcit:7.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-3822

Products

Pricing

Contact Us