CVE-2007-1768 in Mephisto Edgeinfo

Summary

Cross-site scripting (XSS) vulnerability in app/helpers/application_helper.rb in Mephisto 0.7.3 and Mephisto Edge 20070325 allows remote attackers to inject arbitrary web script or HTML via the author name field in a comment.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/29/2007

Disclosure

03/29/2007

Moderation

VulDB entry created

Entries

VDB-35906 (1)

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.00411

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-1768
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1768
CVE Details	https://www.cvedetails.com/cve/CVE-2007-1768/

◂ Previous Overview Next ▸