Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and earlier component (com_akobook) for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) gbmail and (2) gbpage parameters in the sign function.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2007-09-06 15:17
Updated : 2017-07-28 18:33
NVD link : CVE-2007-4745
Mitre link : CVE-2007-4745
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
mambo
- mambo_site_server
joomla
- akobook