Description

Cross-site scripting (XSS) vulnerability in ecrire/tools.php in DotClear 1.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified form fields on the blogroll page.

Remediation

References

CVE-2007-3672

Related Vulnerabilities

WordPress Plugin Sell Media Cross-Site Scripting (2.4.1)

WordPress Plugin WP Symposium Multiple SQL Injection Vulnerabilities (12.09)

MySQL CVE-2020-14868 Vulnerability (CVE-2020-14868)

MySQL Numeric Errors Vulnerability (CVE-2016-2105)

WordPress Plugin Redirection 'id' Parameter Cross-Site Scripting (2.2.8)

Severity

Medium

Classification

CVE-2007-3672

Tags

Missing Update Known Vulnerabilities