Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2007-3017

Published: 17/07/2007 Updated: 16/10/2018
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Contentserver

Vulnerability Summary

The WYSIWYG editor applet in activeWeb contentserver CMS prior to 5.6.2964 only filters malicious tags from articles sent to admin/applets/wysiwyg/rendereditor.asp, which allows remote authenticated users to inject arbitrary JavaScript via a request to admin/worklist/worklist_edit.asp.

Vulnerable Product Search on Vulmon Subscribe to Product

activeweb contentserver

Exploits

Exploit DB: ActiveWeb Contentserver CMS 5.6.2929 - Client-Side Filtering Bypass
source: wwwsecurityfocuscom/bid/24898/info activeWeb contentserver is prone to a client-side input-validation vulnerability because the application fails to sufficiently sanitize user-supplied data An attacker can exploit these input-validation vulnerabilities to perform various attacks (eg cross-site scripting, SQL injection, etc) ...

References

NVD-CWE-Otherhttp://www.redteam-pentesting.de/advisories/rt-sa-2007-006.phphttp://www.securityfocus.com/bid/24898http://secunia.com/advisories/26063http://securityreason.com/securityalert/2900http://osvdb.org/39745https://exchange.xforce.ibmcloud.com/vulnerabilities/35399http://www.securityfocus.com/archive/1/473627/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/30299/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook