Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewmode, (2) fid, and (3) sort_dir parameters, different vectors than CVE-2005-4460.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Beehive Forum | Beehive Forum | 0.7.1 |
References
- http://osvdb.org/36380
- http://secunia.com/advisories/25634Vendor Advisory
- http://www.dragoslungu.com/2007/06/10/beehive-zero-vulnerabilities-myth-busted/
- http://www.securityfocus.com/bid/24413
- http://www.vupen.com/english/advisories/2007/2146
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34827
- http://osvdb.org/36380
- http://secunia.com/advisories/25634Vendor Advisory
- http://www.dragoslungu.com/2007/06/10/beehive-zero-vulnerabilities-myth-busted/
- http://www.securityfocus.com/bid/24413
- http://www.vupen.com/english/advisories/2007/2146
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34827
FAQ
What is CVE-2007-3212?
CVE-2007-3212 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewmode, (2) fid, and (3) sort_dir pa...
How severe is CVE-2007-3212?
CVE-2007-3212 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3212?
Check the references section above for vendor advisories and patch information. Affected products include: Beehive Forum Beehive Forum.