Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Free_lan_intra_internet_portal | Free_lan_intra_internet_portal | 0.9.0.730 (including) | 0.9.0.730 (including) |
| Free_lan_intra_internet_portal | Free_lan_intra_internet_portal | 0.9.0.1029 (including) | 0.9.0.1029 (including) |
| Free_lan_intra_internet_portal | Free_lan_intra_internet_portal | 1.0_rc1 (including) | 1.0_rc1 (including) |
| Free_lan_intra_internet_portal | Free_lan_intra_internet_portal | 1.0_rc2 (including) | 1.0_rc2 (including) |
References
- http://osvdb.org/33650
- http://sourceforge.net/project/shownotes.php?release_id=481131\u0026group_id=98260
- http://www.vupen.com/english/advisories/2007/0454
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31900
- http://osvdb.org/33650
- http://sourceforge.net/project/shownotes.php?release_id=481131\u0026group_id=98260
- http://www.vupen.com/english/advisories/2007/0454
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31900