QwikSec

Security Database

CVE

CWE

Training

CVE-2007-6306

Published: Dec 11, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) chart name or (2) chart tool tip text; or the (3) href, (4) shape, or (5) coords attribute of a chart area.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

http://www.rapid7.com/advisories/R7-0031.jsp

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

http://jfreechart.svn.sourceforge.net/viewvc/jfreechart/branches/jfreechart-1.0.8-security/NEWS?r1=679&r2=680

x_refsource_CONFIRM

http://jfreechart.svn.sourceforge.net/viewvc/jfreechart/trunk/source/org/jfree/chart/entity/ChartEntity.java?r1=662&r2=661&pathrev=662

x_refsource_MISC

vdb-entry

x_refsource_BID

20071206 R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

http://jfreechart.svn.sourceforge.net/viewvc/jfreechart/trunk/source/org/jfree/chart/imagemap/ImageMapUtilities.java?r1=662&r2=661&pathrev=662

x_refsource_MISC

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SREASON

vdb-entry

x_refsource_OSVDB

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

jfreechart-imagemap-xss(38922)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.