CVE-2007-5948
SF-Shoutbox <1.4 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shout (aka Shout) parameters.
References (5)
Scores
EPSS
0.0035
EPSS Percentile
57.2%
Classification
CWE
CWE-79
Status
draft
Affected Products (2)
script-fun/sf-shoutbox
script-fun/sf-shoutbox
Timeline
Published
Nov 14, 2007
Tracked Since
Feb 18, 2026