CVE-2007-5251

medium

Description

Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/36962

http://www.securityfocus.com/bid/25940

http://secunia.com/advisories/27080

http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html

Details

Source: Mitre, NVD

Published: 2007-10-06

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N