NVD

Id
55491  
Name
CVE-2007-3339  
Description
Multiple cross-site scripting (XSS) vulnerabilities in forum/include/error/autherror.cfm in FuseTalk Basic, Standard, Enterprise, and ColdFusion allow remote attackers to inject arbitrary web script or HTML via the (1) FTVAR_LINKP and (2) FTVAR_URLP parameters to (a) forum/include/error/autherror.cfm, and the (3) FTVAR_SCRIPTRUN parameter to (b) forum/include/common/comfinish.cfm and (c) blog/include/common/comfinish.cfm.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2007-06-21  
Modified Date
2012-10-24  
Seq
2007-3339  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
282000 55491 CVE-2007-3339 2842  View
282001 55491 CVE-2007-3339 20070620 fusetalk CSS (comfinish.cfm)  View
282002 55491 CVE-2007-3339 20070620 fusetalk CSS (autherror.cfm)  View
282003 55491 CVE-2007-3339 24563  View
282004 55491 CVE-2007-3339 24564  View
282005 55491 CVE-2007-3339 fusetalk-comfinish-autherror-xss(34955)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53531 JVNDB-2007-002223 FuseTalk の forum/include/error/autherror.cfm におけるクロスサイトスクリプティングの脆弱性 FuseTalk の forum/include/error/autherror.cfm には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2007-3339 26694 CVE-2007-3339 55491 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002223.html 2007-06-21 2012-06-26 View