• Input passed to the "User-Agent" header parameter it isn't properly sanitised before being returned to the user on 404 or 500 error. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. <br/> <br/> <span class="bb-navy">Confirmed in version MX 7. Other versions may also be affected.</span>

• Contact the vendor for further information.

• • CVE-2007-0817
  • Product Homepage

• 

• CVE-2007-0817

• CWE-79

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

• Missing Update XSS

• WordPress Plugin All Category SEO Updater Cross-Site Scripting (0.2.7)
• Parallels Plesk SSO XML External Entity and Cross-site scripting
• WordPress Plugin XCloner-Backup and Restore Cross-Site Scripting (3.1.2)
• WordPress Plugin Site Reviews Cross-Site Scripting (2.15.2)
• WordPress Plugin Updater by BestWebSoft Cross-Site Scripting (1.34)