Vulnerability Description
Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fenrir | Grani | <= 3.0 |
| Fenrir | Sleipnir | <= 2.5.17 |
Related Weaknesses (CWE)
References
- http://jvn.jp/jp/JVN%2365427327/index.html
- http://osvdb.org/38875
- http://osvdb.org/38876
- http://secunia.com/advisories/27655PatchVendor Advisory
- http://secunia.com/advisories/27675PatchVendor Advisory
- http://www.fenrir.co.jp/grani/note.html
- http://www.fenrir.co.jp/sleipnir/note.html
- http://www.securityfocus.com/bid/26418Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38441
- http://jvn.jp/jp/JVN%2365427327/index.html
- http://osvdb.org/38875
- http://osvdb.org/38876
- http://secunia.com/advisories/27655PatchVendor Advisory
- http://secunia.com/advisories/27675PatchVendor Advisory
- http://www.fenrir.co.jp/grani/note.html
FAQ
What is CVE-2007-6002?
CVE-2007-6002 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field...
How severe is CVE-2007-6002?
CVE-2007-6002 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6002?
Check the references section above for vendor advisories and patch information. Affected products include: Fenrir Grani, Fenrir Sleipnir.