cbcvebase.
CVE-2007-5496
published 2008-05-23

CVE-2007-5496: Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2)…

PriorityP48low1.9CVSS 2.0
AVLACMAuNCNIPAN
EPSS
0.39%
30.3th percentile
Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.

Affected

1 ranges
VendorProductVersion rangeFixed in
selinuxsetroubleshoot

CVSS provenance

nvdv2.01.9LOWAV:L/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat1.9LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.