CVE-2007-0896 : Detail

CVE-2007-0896

Cross-site Scripting
A03-Injection
9.33%V4
Network
2007-02-13
10h00 +00:00
2017-07-28
10h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "

Exploit information

Exploit Database EDB-ID : 29573

Publication date : 2007-02-08 23h00 +00:00
Author : Fukumori
EDB Verified : Yes

Products Mentioned

Configuraton 0

Mozilla>>Firefox >> Version *

Sage>>Sage >> Version *

Sage>>Sage >> Version To (including) 1.3.9

Sage>>Sage >> Version 1.0_beta_3

Sage>>Sage >> Version 1.3.6

References

http://osvdb.org/33131
Tags : vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1017624
Tags : vdb-entry, x_refsource_SECTRACK
http://jvn.jp/jp/JVN%2384430861/index.html
Tags : third-party-advisory, x_refsource_JVN
http://secunia.com/advisories/24086
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/22493
Tags : vdb-entry, x_refsource_BID
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.