CVE-2007-2610 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and 1.1-modified before 1.1-modified3, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the Search feature, possibly the term parameter.

Affected Software

Name	Vendor	Start Version	End Version
Openld	Openld	*	1.1.8 (including)
Openld	Openld	*	1.1_modified2 (including)

References

http://osvdb.org/35871
http://secunia.com/advisories/25168
http://sourceforge.net/project/shownotes.php?release_id=507099
http://www.openld.com/forum/viewtopic.php?id=216
http://www.openld.com/forum/viewtopic.php?id=217
http://www.securityfocus.com/bid/23896
http://www.vupen.com/english/advisories/2007/1730
https://exchange.xforce.ibmcloud.com/vulnerabilities/34198
http://osvdb.org/35871
http://secunia.com/advisories/25168
http://sourceforge.net/project/shownotes.php?release_id=507099
http://www.openld.com/forum/viewtopic.php?id=216
http://www.openld.com/forum/viewtopic.php?id=217
http://www.securityfocus.com/bid/23896
http://www.vupen.com/english/advisories/2007/1730
https://exchange.xforce.ibmcloud.com/vulnerabilities/34198

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2610
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html