CVE-2007-0939

Currently unrated

Key Information:

Vendor: Microsoft
Status: Content Management Server
Vendor: CVE Published:; 10 April 2007

Summary

Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability."

References

http://www.securityfocus.com/archive/1/466331/100/200/thr...

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2007/1322

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1017894

vdb-entryx_refsource_SECTRACK

EPSS Score

43% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 10, 2007
Vulnerability Reserved
Feb 14, 2007

Collectors

NVD DatabaseMitre Database