CVE-2007-1020 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-1020

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in index.php in CedStat 1.31 allows remote attackers to inject arbitrary web script or HTML via the hier parameter.

Affected Software

Name	Vendor	Start Version	End Version
Cedstat	Cedstat	1.31 (including)	1.31 (including)

References

http://forums.avenir-geopolitique.net/viewtopic.php?t=2672
http://osvdb.org/33734
http://securityreason.com/securityalert/2265
http://www.securityfocus.com/archive/1/460260/100/0/threaded
http://www.securityfocus.com/bid/22588
http://www.securityfocus.com/bid/22653
http://www.vupen.com/english/advisories/2007/0680
https://exchange.xforce.ibmcloud.com/vulnerabilities/32537