CVE-2007-6270

Absolute News Manager.NET 5.1 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) template parameter to pages/default.aspx.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Adrian Pastor · textwebappsasp
https://www.exploit-db.com/exploits/30844
exploitdb WRITEUP VERIFIED
by Adrian Pastor · textwebappsasp
https://www.exploit-db.com/exploits/30843

References (9)

Scores

EPSS 0.1147
EPSS Percentile 93.5%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

xigla/absolute_news_manager.net

Timeline

Published Dec 07, 2007
Tracked Since Feb 18, 2026