Vulnerability Description
Cross-site scripting (XSS) vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 allows remote attackers to inject arbitrary web script or HTML, probably via vectors related to a certain data2 array element.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wikyblog | Wikyblog | <= 1.4.12 |
References
- http://osvdb.org/36076
- http://secunia.com/advisories/25308PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=509254
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegiste
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegiste
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34373
- http://osvdb.org/36076
- http://secunia.com/advisories/25308PatchVendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=509254
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegiste
- http://wikyblog.svn.sourceforge.net/viewvc/wikyblog/trunk/include/sessionRegiste
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34373
FAQ
What is CVE-2007-2781?
CVE-2007-2781 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site scripting (XSS) vulnerability in include/sessionRegister.php in WikyBlog before 1.4.13 allows remote attackers to inject arbitrary web script or HTML, probably via vectors related to a cert...
How severe is CVE-2007-2781?
CVE-2007-2781 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2781?
Check the references section above for vendor advisories and patch information. Affected products include: Wikyblog Wikyblog.