CVE-2007-6001

Bandersnatch 0.4 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid parameter in a (3) log or (4) user action, a different vulnerability than CVE-2007-3910.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Tim Brown · textwebappsphp
https://www.exploit-db.com/exploits/30801

Scores

EPSS 0.0348
EPSS Percentile 87.4%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

bandersnatch/bandersnatch

Timeline

Published Nov 15, 2007
Tracked Since Feb 18, 2026