Vulnerability Description
Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Free Lan Intra Internet Portal | Free Lan Intra Internet Portal | 0.9.0.730 |
References
- http://osvdb.org/33650
- http://sourceforge.net/project/shownotes.php?release_id=481131&group_id=98260
- http://www.vupen.com/english/advisories/2007/0454
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31900
- http://osvdb.org/33650
- http://sourceforge.net/project/shownotes.php?release_id=481131&group_id=98260
- http://www.vupen.com/english/advisories/2007/0454
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31900
FAQ
What is CVE-2007-0696?
CVE-2007-0696 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parame...
How severe is CVE-2007-0696?
CVE-2007-0696 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0696?
Check the references section above for vendor advisories and patch information. Affected products include: Free Lan Intra Internet Portal Free Lan Intra Internet Portal.