How severe is CVE-2007-6461?

The severity of CVE-2007-6461 has not been assessed with CVSS v3.

CVE-2007-6461

Name: flyspray
Author: flyspray

NONE

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via (1) the query string in an index ac

Опубликовано: 12/20/2007Обновлено: 4/9/2025

Описание

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 allow remote attackers to inject arbitrary web script or HTML via (1) the query string in an index action, related to the savesearch JavaScript function; and (2) the details parameter in a details action, related to the History tab and the getHistory JavaScript function.

ИИ-АнализНа базе ИИ

Затронутые продукты

flysprayflyspray

0.9.9

flysprayflyspray

0.9.9.1

flysprayflyspray

0.9.9.2

flysprayflyspray

0.9.9.3

Ссылки

http://flyspray.org/fsa:2
http://osvdb.org/39256
http://osvdb.org/39257
http://secunia.com/advisories/28106
Vendor Advisory
http://flyspray.org/fsa:2
http://osvdb.org/39256
http://osvdb.org/39257
http://secunia.com/advisories/28106
Vendor Advisory