Vulnerability Description
Cross-site scripting (XSS) vulnerability in forum.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter.
CVSS Score
6.8
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Tibia Server Cms | Open Tibia Server Cms | 2.0 |
References
- http://osvdb.org/33170
- http://secunia.com/advisories/24116
- http://www.securityfocus.com/bid/22450ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32324
- https://www.exploit-db.com/exploits/3283
- http://osvdb.org/33170
- http://secunia.com/advisories/24116
- http://www.securityfocus.com/bid/22450ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32324
- https://www.exploit-db.com/exploits/3283
FAQ
What is CVE-2007-0846?
CVE-2007-0846 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site scripting (XSS) vulnerability in forum.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter.
How severe is CVE-2007-0846?
CVE-2007-0846 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0846?
Check the references section above for vendor advisories and patch information. Affected products include: Open Tibia Server Cms Open Tibia Server Cms.