Vulnerabilities > Sage > Sage > 1.0.beta.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-13 | CVE-2007-0896 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712. | 4.3 |
2003-12-31 | CVE-2003-1243 | Cross-Site Scripting vulnerability in Sage Content Management System Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. network sage | 4.3 |
2003-12-31 | CVE-2003-1242 | Path Disclosure vulnerability in Sage Content Management System Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message. | 5.0 |