CVE-2007-3930 in DokuWikiinfo

Summary

Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, which triggers HTML document identification and script execution by Internet Explorer even though the Content-Type header is text/plain.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

07/20/2007

Disclosure

07/20/2007

Moderation

VulDB entry created

Entries

VDB-37931 (1)

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.17425

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-3930
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3930
CVE Details	https://www.cvedetails.com/cve/CVE-2007-3930/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!