Vulnerabilities > Plain Black > Webgui > 6.8.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-01-23 | CVE-2007-0407 | HTML Injection vulnerability in WebGUI Registration Username Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain Black WebGUI before 7.3.5 (beta) allows remote attackers to inject arbitrary web script or HTML via the username parameter during anonymous registration, a different vector than CVE-2007-0308. network plain-black | 6.8 |
2007-01-18 | CVE-2007-0308 | Cross-Site Scripting vulnerability in WebGUI Wiki Title Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles. network plain-black | 6.8 |