CVE-2007-4297 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan (2) mail and (3) yorum parameters. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/37537 http://secunia.com/advisories/26380 http://www.packetstormsecurity.org/0708-exploits/dersimiz-xss.txt http://www.securityfocus.com/bid/25250 http://www.vupen.com/english/advisories/2007/2831 https://exchange.xforce.ibmcloud.com/vulnerabilities/35911