cbcvebase.
CVE-2007-2757
published 2007-05-18

CVE-2007-2757: Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1)…

PriorityP426medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
4.90%
91.0th percentile
Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1) wp-content/themes/redoable/searchloop.php or (2) wp-content/themes/redoable/header.php.

Affected

8 ranges
VendorProductVersion rangeFixed in
dean_j_robinsonredoable
debianwordpress
wordpressblix
wordpressblixed
wordpressblixkrieg
wordpressunamed_theme
wordpressunamed_theme_se
xuyiyangblue_memories_theme

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_debian6.8LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.