CVE-2007-0183
iPlanet Web Server 4.x - Cross-Site Scripting via NS-max-records Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web script or HTML via the NS-max-records parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Khalsa · textremotemultiple
https://www.exploit-db.com/exploits/29439
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/32662
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21977
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23605
Scores
EPSS
0.0450
EPSS Percentile
89.2%
Details
Status
published
Products (1)
sun/iplanet_web_server
4.1 (21 CPE variants)
Published
Jan 12, 2007
Tracked Since
Feb 18, 2026