CVE-2007-2382
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/04/2007
Last modified:
14/02/2024
Description
The Moo.fx framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:mad4milk:moo.fx:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page