cbcvebase.
CVE-2007-3930
published 2007-07-21

CVE-2007-3930: Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct…

PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
19.24%
97.0th percentile
Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, which triggers HTML document identification and script execution by Internet Explorer even though the Content-Type header is text/plain.

Affected

1 ranges
VendorProductVersion rangeFixed in
wikidokuwiki<= 2007-06-26
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.