Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2007-0176

Cross-site scripting (XSS) vulnerability in search/advanced_search.php in GForge 4.5.11 allows remote attackers to inject arbitrary web script or HTML via the words parameter.

PublishedJan 11, 2007, 00:28

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://osvdb.org/31248
http://secunia.com/advisories/23675
http://secunia.com/advisories/28598
http://securityreason.com/securityalert/2133
http://securitytracker.com/id?1017482
http://www.debian.org/security/2008/dsa-1475
http://www.eazel.es/advisory006-gforge-cross-site-scripting-vulnerability.html
http://www.securityfocus.com/archive/1/456296/100/0/threaded
http://www.securityfocus.com/bid/21946
https://exchange.xforce.ibmcloud.com/vulnerabilities/31346

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

6.8

Vector String

AV:N/AC:M/Au:N/C:P/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)