How severe is CVE-2007-6461?

The severity of CVE-2007-6461 has not been assessed with CVSS v3.

CVE-2007-6461

Name: flyspray
Author: flyspray

NONE

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via (1) the query string in an index ac

Veröffentlicht: 12/20/2007Aktualisiert: 4/9/2025

Beschreibung

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via (1) the query string in an index action, related to the savesearch JavaScript function; and (2) the details parameter in a details action, related to the History tab and the getHistory JavaScript function.

KI-AnalyseKI-gestützt

Betroffene Produkte

flysprayflyspray

0.9.9

flysprayflyspray

0.9.9.1

flysprayflyspray

0.9.9.2

flysprayflyspray

0.9.9.3

Referenzen

http://flyspray.org/fsa:2
http://osvdb.org/39256
http://osvdb.org/39257
http://secunia.com/advisories/28106
Vendor Advisory
http://flyspray.org/fsa:2
http://osvdb.org/39256
http://osvdb.org/39257
http://secunia.com/advisories/28106
Vendor Advisory