CVE-2007-2308 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-2308

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 allows remote attackers to inject arbitrary web script or HTML via the rok parameter.

Affected Software

Name	Vendor	Start Version	End Version
Flowers	Flowers	2.0 (including)	2.0 (including)

References

http://securityreason.com/securityalert/2639
http://www.securityfocus.com/archive/1/465730/100/0/threaded
http://www.securityfocus.com/bid/23488
http://www.vupen.com/english/advisories/2007/1402
http://securityreason.com/securityalert/2639
http://www.securityfocus.com/archive/1/465730/100/0/threaded
http://www.securityfocus.com/bid/23488
http://www.vupen.com/english/advisories/2007/1402