Vulnerabilities > CVE-2007-0384 - Cross-Site Scripting vulnerability in Postnuke Software Foundation Postnuke 0.764

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
postnuke-software-foundation
NVD
Published: 2007-01-19
Updated: 2008-11-13

Summary

Cross-site scripting (XSS) vulnerability in preview in the reviews section in PostNuke 0.764 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Postnuke_Software_Foundation
1

References