Vulnerabilities > CVE-2007-1028 - HTML Injection vulnerability in Barry Jaspan Image Pager 4.7/5.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
barry-jaspan
Summary
Cross-site scripting (XSS) vulnerability in the Barry Jaspan Image Pager 4.7.x-1.x-dev and 5.x-1.x-dev before 2007-02-08 module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to HTML entities and the IMG element.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |