How severe is CVE-2007-6461?

The severity of CVE-2007-6461 has not been assessed with CVSS v3.

CVE-2007-6461

Name: flyspray
Author: flyspray

NONE

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via (1) the query string in an index ac

Published: 12/20/2007Updated: 4/9/2025

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via (1) the query string in an index action, related to the savesearch JavaScript function; and (2) the details parameter in a details action, related to the History tab and the getHistory JavaScript function.

AI AnalysisPowered by AI

Affected Products

flysprayflyspray

0.9.9

flysprayflyspray

0.9.9.1

flysprayflyspray

0.9.9.2

flysprayflyspray

0.9.9.3

References

http://flyspray.org/fsa:2
http://osvdb.org/39256
http://osvdb.org/39257
http://secunia.com/advisories/28106
Vendor Advisory
http://flyspray.org/fsa:2
http://osvdb.org/39256
http://osvdb.org/39257
http://secunia.com/advisories/28106
Vendor Advisory