XMB Forum Software
Not logged in [Login - Register]
Go To Bottom

Printable Version  
Author: Subject: [Security < 1.9.10] CVE-2007-0519
miqrogroove
XMB 1.9.12 Lead Developer
*********


Avatar


Posts: 443
Registered: 10-1-2002
Location: Florida
Member Is Offline

Mood: Past Three O'Clock

[*] posted on 5-10-2021 at 03:14 PM
[Security < 1.9.10] CVE-2007-0519


Bug Source: XMB 1.9.9 and older

Symptoms: Unexpected output, Javascript compromise (XSS)

Security Impact: High

ID: CVE-2007-0519

Fixed By: XMB 1.9.10 and later are not affected.

Discussion:

In 2007, a CVE was assigned to a public XSS exploit against the XMB U2U feature. XMB staff evaluated this information in 2008, and determined version 1.9.8 contained an incomplete solution, but the CVE was still valid for one or more defects. U2U functions were revised and released with version 1.9.10 to implement better I/O filtering. These changes were also available in a service pack for version 1.9.8.

Recommendations:


View user's profile Visit user's homepage View All Posts By User

  Go To Top

Powered by XMB 1.9.12
XMB Forum Software © 2001-2021 The XMB Group
[Queries: 16] [PHP: 24.2% - SQL: 75.8%]