CVE-2007-4177

Published: Aug 8, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2007-3328.

Affected (1)

Products: Interact: Interact

Interact

1 product

Interact

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Interact Interact	Up to 2.3.1

References (12)

http://cce-interact.cvs.sourceforge.net/cce-interact/Interact/includes/common.inc.php?r1=1.259&r2=1.260

Source: cve@mitre.org

http://osvdb.org/36440

Source: cve@mitre.org

http://secunia.com/advisories/26304

Source: cve@mitre.org

Vendor Advisory

http://sourceforge.net/project/shownotes.php?release_id=528858&group_id=69681

Source: cve@mitre.org

http://www.securityfocus.com/bid/25173

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/35765

Source: cve@mitre.org

http://cce-interact.cvs.sourceforge.net/cce-interact/Interact/includes/common.inc.php?r1=1.259&r2=1.260