CVE-2007-2335 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-2335

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in the RSS feed reader functionality in Lunascape 4.1.3 build2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Lunascape	Lunascape	4.1 (including)	4.1 (including)
Lunascape	Lunascape	4.1.1 (including)	4.1.1 (including)
Lunascape	Lunascape	4.1.2 (including)	4.1.2 (including)
Lunascape	Lunascape	4.1.3 (including)	4.1.3 (including)

References

http://jvn.jp/jp/JVN%2336628264/index.html
http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0
http://osvdb.org/35364
http://secunia.com/advisories/25000
http://www.securityfocus.com/bid/23665
http://www.vupen.com/english/advisories/2007/1538
https://exchange.xforce.ibmcloud.com/vulnerabilities/34074