Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and earlier component (com_akobook) for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) gbmail and (2) gbpage parameters in the sign function.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Joomla | Akobook | 3.42 |
| Mambo | Mambo Site Server | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/37533
- http://secunia.com/advisories/26706Vendor Advisory
- http://securityreason.com/securityalert/3101
- http://trew.icenetx.net/toolz/advisory-mambo-akobook-en.txtVendor Advisory
- http://www.securityfocus.com/bid/25576
- http://www.vupen.com/english/advisories/2007/3080
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36471
- http://osvdb.org/37533
- http://secunia.com/advisories/26706Vendor Advisory
- http://securityreason.com/securityalert/3101
- http://trew.icenetx.net/toolz/advisory-mambo-akobook-en.txtVendor Advisory
- http://www.securityfocus.com/bid/25576
- http://www.vupen.com/english/advisories/2007/3080
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36471
FAQ
What is CVE-2007-4745?
CVE-2007-4745 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and earlier component (com_akobook) for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript event...
How severe is CVE-2007-4745?
CVE-2007-4745 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4745?
Check the references section above for vendor advisories and patch information. Affected products include: Joomla Akobook, Mambo Mambo Site Server.