CVE-2007-5834

BosDev BosNews 4 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a news post.

Scores

EPSS 0.0028
EPSS Percentile 50.9%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

bosdev/bosnews

Timeline

Published Nov 05, 2007
Tracked Since Feb 18, 2026