Vulnerability in Jetbox Jetbox_cms
CVE-2007-2686
Cross-site scripting (XSS) vulnerability in index.php in Jetbox CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter in a sendpwd task.
EPSS: 0.018 (75.0th percentile) — read the EPSS interpretation.
Affected products
- Jetbox Jetbox_cms — versions 2.1
- N/a — versions n/a
References
- cve@mitre.org (Exploit, x_refsource_MISC, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (Vendor Advisory, mailing-list, Exploit, x_refsource_FULLDISC)