CVE-2007-3101
CVE-2007-3101
Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/30191no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=544http://osvdb.org/36377http://secunia.com/advisories/25618https://exchange.xforce.ibmcloud.com/vulnerabilities/34872http://www.securityfocus.com/bid/24480http://www.vupen.com/english/advisories/2007/2212