CVE-2007-1177

medium

Description

WebAPP before 0.9.9.5 does not properly filter certain characters in contexts related to (1) the query string, (2) Profiles, (3) the Forum Post icon field, (4) the Edit Profile, and (5) the Gallery, which has unknown impact and remote attack vectors, possibly related to cross-site scripting (XSS).

References

http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250

http://www.vupen.com/english/advisories/2007/0604

http://www.securityfocus.com/bid/22563

http://secunia.com/advisories/24080

http://osvdb.org/33287

http://osvdb.org/33286

http://osvdb.org/33283

http://osvdb.org/33277

Details

Source: Mitre, NVD

Published: 2007-03-02

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00573