CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-5648

Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.9%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/38204
http://secunia.com/advisories/27404
http://www.lezr.com/exploits/id/84
http://www.securityfocus.com/bid/26140
http://osvdb.org/38204
http://secunia.com/advisories/27404
http://www.lezr.com/exploits/id/84
http://www.securityfocus.com/bid/26140

Products affected by CVE-2007-5648

Rnote » Rnote » Version: 0.9.7.5

cpe:2.3:a:rnote:rnote:0.9.7.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-5648

Products

Pricing

Contact Us