Multiple cross-site scripting (XSS) vulnerabilities in VisionProject 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) projectIssueId parameter in EditProjectIssue.do, the (2) projectId parameter in ProjectSelected.do, the (3) folderId parameter in ProjectDocuments.do and the (4) sortField parameter in ProjectIssues.do.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-08-09T10:00:00
Updated: 2024-08-07T14:46:39.721Z
Reserved: 2007-08-08T00:00:00
Link: CVE-2007-4265
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-08-09T10:17:00.000
Modified: 2024-11-21T00:35:11.017
Link: CVE-2007-4265
Redhat
No data.