CVE-2007-3412

2007-06-2623:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.8%

JSON

Cross-site scripting (XSS) vulnerability in edit_image.asp in ClickGallery Server 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter.

References

osvdb.org/36371

pridels-team.blogspot.com/2007/06/clickgallery-server-vuln.html

secunia.com/advisories/25805

exchange.xforce.ibmcloud.com/vulnerabilities/35024