CVE-2007-3973

N/A Unknown

Published: July 25, 2007 Modified: April 23, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in JBlog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, or the (2) search parameter or (3) theme cookie to (b) recherche.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/38557

Source: cve@mitre.org

http://osvdb.org/38558

Source: cve@mitre.org

http://secunia.com/advisories/26165

Source: cve@mitre.org

http://securityreason.com/securityalert/2919

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/474320/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24991

Source: cve@mitre.org

Exploit Vendor Advisory

http://www.vupen.com/english/advisories/2007/2611

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/35551

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/35556

Source: cve@mitre.org

https://www.exploit-db.com/exploits/4211

Source: cve@mitre.org

http://osvdb.org/38557