Multiple cross-site scripting (XSS) vulnerabilities in SubHub 2.3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the searchtext parameter to (a) /search, or the (2) message parameter to (b) /calendar or (c) /subscribe.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-03-24T00:00:00
Updated: 2024-08-07T13:06:25.818Z
Reserved: 2007-03-23T00:00:00
Link: CVE-2007-1646
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-03-24T00:19:00.000
Modified: 2024-11-21T00:28:49.987
Link: CVE-2007-1646
Redhat
No data.