Cross-site scripting (XSS) vulnerability in takeprofedit.php in TBDev.NET DR 11-10-05-BETA-SF1:111005 and earlier allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the avatar parameter. NOTE: this may be related to the tracker program in the Janitor package. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-07-17T22:00:00
Updated: 2007-07-27T09:00:00
Reserved: 2007-07-17T00:00:00
Link: CVE-2007-3838
JSON object: View
NVD Information
Status : Analyzed
Published: 2007-07-17T22:30:00.000
Modified: 2008-09-05T21:26:45.557
Link: CVE-2007-3838
JSON object: View
Redhat Information
No data.
CWE