Secunia
Login
|
|
CVE Reference: CVE-2007-5806 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-5806 |
|
|
Description: Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, as demonstrated using the style and onmouseover HTML attributes. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/38171 SREASON http://securityreason.com/securityalert/3340 SAID Secunia Advisory: SA27457 OSVDB 38328 CONFIRM http://www.ilias.de/docu/goto.php?target=st_229_35&client_id=docu http://downloads.sourceforge.net/ilias/ilias.3.8.3.security.patch.zip BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/483011/100/0/threaded BID 26264 |
|
| Return to the previous page. |
