CVE-2007-0183

Currently unrated

Key Information:

Vendor: Oracle
Status: Iplanet Web Server
Vendor: CVE Published:; 12 January 2007

Summary

Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web script or HTML via the NS-max-records parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

References

http://osvdb.org/32662

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/21977

vdb-entryx_refsource_BID

http://secunia.com/advisories/23605

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 12, 2007
Vulnerability Reserved
Jan 10, 2007