Lucene search

[email protected]CVE-2007-2203

HistoryApr 24, 2007 - 8:19 p.m.

CVE-2007-2203

2007-04-2420:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2203

cross-site scripting

xss

big blue guestbook

remote attackers

web script

html

guestbook entry

vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

Cross-site scripting (XSS) vulnerability in Big Blue Guestbook allows remote attackers to inject arbitrary web script or HTML via the message field in the guestbook entry submission form.

Affected configurations

NVD

Node

big_blueguestbook

CPENameOperatorVersion
big_blue:guestbookbig blue guestbookeq*

CPE	Name	Operator	Version
big_blue:guestbook	big blue guestbook	eq	*

References

osvdb.org/35313

secunia.com/advisories/24997

www.securityfocus.com/archive/1/466693/100/0/threaded

www.securityfocus.com/bid/23591

www.vupen.com/english/advisories/2007/1518

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

Related for CVE-2007-2203

prion1 nvd1 cvelist1