CVE-2007-4900

2007-09-1418:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.008

Percentile

81.5%

JSON

Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web script or HTML via the username field.

References

osvdb.org/37099

secunia.com/advisories/26707

securityreason.com/securityalert/3137

www.securityfocus.com/archive/1/479183/100/0/threaded

www.securityfocus.com/bid/25645

www.vupen.com/english/advisories/2007/3198

exchange.xforce.ibmcloud.com/vulnerabilities/36575