NVD

Id
55255  
Name
CVE-2007-3101  
Description
Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2007-06-18  
Modified Date
2012-10-30  
Seq
2007-3101  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
280794 55255 CVE-2007-3101 http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272  View
280795 55255 CVE-2007-3101 20070614 Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability  View
280796 55255 CVE-2007-3101 24480  View
280797 55255 CVE-2007-3101 ADV-2007-2212  View
280798 55255 CVE-2007-3101 myfaces-autoscroll-xss(34872)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53466 JVNDB-2007-002158 Apache MyFaces Tomahawk の 特定の JSF アプリケーションにおけるクロスサイトスクリプティングの脆弱性 Apache MyFaces Tomahawk の 特定の JSF アプリケーションには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2007-3101 26456 CVE-2007-3101 55255 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002158.html 2007-06-18 2012-06-26 View