CVE-2007-2908

Published: May 30, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin before 3.6.6 allows remote attackers to inject arbitrary web script or HTML via the title field in a single add action.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20070516 vbulletin < 3.6.6 [permanent xss]

mailing-list

x_refsource_BUGTRAQ

24020

vdb-entry

x_refsource_BID

35155

vdb-entry

x_refsource_OSVDB

vbulletin-calendar-xss(34333)

vdb-entry

x_refsource_XF

25309

third-party-advisory

x_refsource_SECUNIA

2751

third-party-advisory

x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-2908

Description

Affected Products

References