CVE-2007-4281

Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the login field on the login page, and other unspecified vectors.

Published: Aug 9, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-4281
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
knowledgetree / open_source	3.4	3.4.x
knowledgetree / open_source	3.4.1	3.4.1.x

http://osvdb.org/36579
http://secunia.com/advisories/26333
http://sourceforge.net/forum/forum.php?forum_id=722865
http://sourceforge.net/project/shownotes.php?release_id=530698&group_id=107851
http://support.ktdms.com/browse/KTS-2178
http://www.securityfocus.com/bid/25231
http://www.vupen.com/english/advisories/2007/2812

Vulnerability Database

289,697

CVE-2007-4281