XSS in Jfree Jfreechart

CVE-2007-6307

Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php in wwwstats 3.21 allow remote attackers to inject arbitrary web script or HTML via (1) the link parameter or (2) the User-Agent HTTP header.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.041 (89.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References