CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
77.2%
Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611.
Vendor | Product | Version | CPE |
---|---|---|---|
free_lan_intra_internet_portal | free_lan_intra_internet_portal | 0.9.0.730 | cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:0.9.0.730:*:*:*:*:*:*:* |
free_lan_intra_internet_portal | free_lan_intra_internet_portal | 0.9.0.1029 | cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:0.9.0.1029:*:*:*:*:*:*:* |
free_lan_intra_internet_portal | free_lan_intra_internet_portal | 1.0_rc1 | cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:1.0_rc1:*:*:*:*:*:*:* |
free_lan_intra_internet_portal | free_lan_intra_internet_portal | 1.0_rc2 | cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:1.0_rc2:*:*:*:*:*:*:* |