Информационная безопасность
[RU] switch to English


CVECVE-2007-1939
СтатусCandidate
ОписаниеCross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java.
Важность
High
CVSS score7
CVSS vector(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
PhaseAssigned (10.04.2007)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1939
ReferencesFRSIRT : ADV-2007-1759
 CONFIRM : http://www.danielnaber.de/languagetool/download/CH...
SecurityVulns:Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород