CVE-2007-2907

SSL-Explorer < 0.2.12 - Authenticated Cross-Site Scripting via Redirect URL

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter redirect URLs containing (1) JavaScript or (2) HTTP headers via an unspecified vector, possibly the forwardTo parameter to redirect.do. NOTE: the impact might be cross-site scripting (XSS) or HTTP request smuggling.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36913
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25512
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2057
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24319
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36915

Scores

EPSS 0.0147
EPSS Percentile 70.8%

Details

CWE
CWE-119
Status published
Products (1)
ssl-explorer/ssl-explorer < 0.2.12
Published May 30, 2007
Tracked Since Feb 18, 2026