CVE-2007-4945 in LetterGradeinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in LetterGrade allow remote attackers to inject arbitrary web script or HTML via (1) a student s email address, (2) the year parameter to genbrws/Student/cal_month.php3, and other unspecified vectors related to the calendar. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

09/18/2007

Disclosure

09/18/2007

Moderation

VulDB entry created

Entries

VDB-38838 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.3

EPSS

0.00351

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-4945
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4945
CVE Details	https://www.cvedetails.com/cve/CVE-2007-4945/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!