CVE-2007-4874

Multiple cross-site scripting (XSS) vulnerabilities in SimpNews 2.41.03 allow remote attackers to inject arbitrary web script or HTML via the (1) l_username parameter to admin/layout2b.php, and the (2) backurl parameter to comment.php.
Configurations

Configuration 1

cpe:2.3:a:boesch-it:simpnews:2.41.03:*:*:*:*:*:*:*

Information

Published : 2007-09-26 08:17

Updated : 2018-10-15 09:38


NVD link : CVE-2007-4874

Mitre link : CVE-2007-4874

Products Affected
No products.
CWE