Cross-Site Scripting Vulnerability in Novell OpenSUSE SWAMP Workflow Platform
CVE-2007-5702

Currently unrated

Key Information:

Vendor: Novell
Status: Opensuse Swamp
Vendor: CVE Published:; 29 October 2007

What is CVE-2007-5702?

The Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x contains a cross-site scripting (XSS) vulnerability within the login box. This flaw allows remote attackers to inject arbitrary web scripts or HTML through the username parameter. Exploiting this vulnerability could lead to unauthorized access and manipulation of user sessions, highlighting the need for immediate attention to security measures in the affected versions.

References

http://secunia.com/advisories/27390

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/38203

vdb-entryx_refsource_OSVDB

http://swamp.svn.sourceforge.net/viewvc/swamp/trunk/swamp...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 29, 2007
Vulnerability Reserved
Oct 29, 2007