Vulnerabilities > CVE-2007-0183 - Cross-Site Scripting vulnerability in SUN Iplanet web Server 4.1

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
sun
exploit available
NVD
Published: 2007-01-12
Updated: 2008-11-15

Summary

Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web script or HTML via the NS-max-records parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Sun
21

Exploit-Db

descriptioniPlanet Web Server 4.1 Search Module Cross-Site Scripting Vulnerability. CVE-2007-0183. Remote exploits for multiple platform
idEDB-ID:29439
last seen2016-02-03
modified2007-01-09
published2007-01-09
reporterKhalsa
sourcehttps://www.exploit-db.com/download/29439/
titleiPlanet Web Server 4.1 - Search Module Cross-Site Scripting Vulnerability

References