ByteOS Network

NVD Vulnerability Details :

CVE-2007-2423

Modified

Source-cve@mitre.org

Published At-02 May, 2007 | 00:19

Updated At-13 Nov, 2008 | 06:38

Cross-site scripting (XSS) vulnerability in index.php in MoinMoin 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the do parameter in an AttachFile action, a different vulnerability than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:N

CPE Matches

moinmoin>>moinmoin>>1.5.7

cpe:2.3:a:moinmoin:moinmoin:1.5.7:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://osvdb.org/36567	cve@mitre.org	N/A
http://secunia.com/advisories/29262	cve@mitre.org	N/A
http://www.debian.org/security/2008/dsa-1514	cve@mitre.org	N/A
http://www.securityfocus.com/bid/23676	cve@mitre.org	Exploit
http://www.securityfocus.com/data/vulnerabilities/exploits/23676.html	cve@mitre.org	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History