CVE-2007-6608 in OpenBiblio
摘要
由 VulDB • 2026-06-28
OpenBiblio 0.5.2-pre4及更早版本中存在多个跨站脚本(XSS)漏洞,远程攻击者可以通过向admin/staff_del_confirm.php的LAST和FIRST参数、admin/theme_del_confirm.php的name参数或admin/theme_preview.php的themeName参数注入任意Web脚本或HTML代码来利用这些漏洞。
VulDB is the best source for vulnerability data and more expert information about this specific topic.