NVD

Id
58385  
Name
CVE-2007-6390  
Description
Cross-site request forgery (CSRF) vulnerability in the mycalendar plugin before 0.13 for Serendipity allows remote attackers to perform actions as blog administrators, which can be leveraged to conduct cross-site scripting (XSS) attacks on the blog page.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2007-12-17  
Modified Date
2008-09-05  
Seq
2007-6390  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
299470 58385 CVE-2007-6390 http://www.hboeck.de/archives/572-Some-XSS-issues-in-Serendipity-found.html  View
299471 58385 CVE-2007-6390 26955  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57740 JVNDB-2007-006432 Serendipity 用の mycalendar プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 Serendipity 用の mycalendar プラグインには、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2007-6390 29745 CVE-2007-6390 58385 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006432.html 2007-12-17 2012-12-20 View