Vulnerability Description
Cross-site scripting (XSS) vulnerability in the RSS reader in a certain SOURCENEXT product, probably IKANARI JIJYOU 1.0.0 and 1.0.1, allows remote attackers to inject arbitrary web script or HTML via the title of an article in a feed.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sourcenext | Ikanari Jijyou | 1.0.0 |
References
- http://jvn.jp/jp/JVN%2364227086/index.html
- http://www.sourcenext.info/download/jijou.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33452
- http://jvn.jp/jp/JVN%2364227086/index.html
- http://www.sourcenext.info/download/jijou.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33452
FAQ
What is CVE-2007-1611?
CVE-2007-1611 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the RSS reader in a certain SOURCENEXT product, probably IKANARI JIJYOU 1.0.0 and 1.0.1, allows remote attackers to inject arbitrary web script or HTML via ...
How severe is CVE-2007-1611?
CVE-2007-1611 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1611?
Check the references section above for vendor advisories and patch information. Affected products include: Sourcenext Ikanari Jijyou.