PT-2007-3182 · Web App.Org · Webapp
Published
2007-04-03
·
Updated
2011-03-08
·
CVE-2007-1828
CVSS v2.0
3.5
Low
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
web-app.org WebAPP versions prior to 0.9.9.6
Description:
The issue allows remote authenticated users to inject arbitrary web script or HTML, which can lead to cross-site scripting (XSS) attacks. This is possible via the QUERY STRING corresponding to drop downs or various forms.
Recommendations:
For versions prior to 0.9.9.6, update to version 0.9.9.6 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Webapp