CVE-2007-3807

Published: Jul 17, 2007Modified: Apr 23, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors.

Affected (1)

Products: Sitescape: Sitescape Forum

Sitescape

1 product

Sitescape Forum

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sitescape Sitescape Forum	Up to 7.2

References (14)

http://osvdb.org/36844

Source: cve@mitre.org

http://secunia.com/advisories/26065

Source: cve@mitre.org

Patch

http://securityreason.com/securityalert/2893

Source: cve@mitre.org

http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3159

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/473624/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24893

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/35395

Source: cve@mitre.org

http://osvdb.org/36844