Back to search
CVE-2007-5176
Published: Oct 3, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in GroupLink eHelpDesk 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) NA_DISPLAYNAME parameter in helpdesk/user/rf_create.jsp and the (2) username and (3) LDAPError parameters in index2.jsp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
grouplnk-ehelpdesk-index2-xss(36886)
vdb-entry
x_refsource_XF
26892
third-party-advisory
x_refsource_SECUNIA
25870
vdb-entry
x_refsource_BID
37535
vdb-entry
x_refsource_OSVDB
37536
vdb-entry
x_refsource_OSVDB
grouplink-ehelpdesk-rfcreate-xss(36885)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now