CVE-2007-0175
B2evolution - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter.
References (7)
Scores
EPSS
0.0053
EPSS Percentile
66.8%
Classification
CWE
CWE-79
Status
draft
Affected Products (3)
b2evolution/b2evolution
b2evolution/b2evolution
b2evolution/b2evolution
Timeline
Published
Jan 11, 2007
Tracked Since
Feb 18, 2026