CVE-2007-5702

Currently unrated

Key Information:

Vendor: Novell
Status: Opensuse Swamp
Vendor: CVE Published:; 29 October 2007

Summary

Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.

References

http://secunia.com/advisories/27390

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/38203

vdb-entryx_refsource_OSVDB

http://swamp.svn.sourceforge.net/viewvc/swamp/trunk/swamp...

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 29, 2007
Vulnerability Reserved
Oct 29, 2007

Collectors

NVD DatabaseMitre Database