Cross-Site Scripting Vulnerability in BloofoxCMS by Bloofox
CVE-2007-2310

Currently unrated

Key Information:

Vendor: Bloofoxcms
Status: Bloofoxcms
Vendor: CVE Published:; 26 April 2007

What is CVE-2007-2310?

A Cross-Site Scripting vulnerability exists in BloofoxCMS version 0.2.2, specifically in the img_popup.php component. This flaw allows remote attackers to inject arbitrary web scripts or HTML code through the img_url parameter, potentially compromising the security of affected applications and their users.

References

http://securityreason.com/securityalert/2640

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/23487

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/465719/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Apr 26, 2007
Vulnerability Reserved
Apr 26, 2007

JSON

Bloofoxcms

What is CVE-2007-2310?

References

Timeline