VDB
CVE-2007-6306
CVE-2007-6306
PUBLISHED
Reported by mitre · Published December 11, 2007
Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) chart name or (2) chart tool tip text; or the (3) href, (4) shape, or (5) coords attribute of a chart area.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, *, n/a |
Exploit Intelligence
- http://jfreechart.svn.sourceforge.net/viewvc/jfreechart/trunk/source/org/jfree/chart/entity/ChartEntity.java?r1=662&r2=661&pathrev=662 (vulncheck-nvd)
- http://jfreechart.svn.sourceforge.net/viewvc/jfreechart/trunk/source/org/jfree/chart/imagemap/ImageMapUtilities.java?r1=662&r2=661&pathrev=662 (vulncheck-nvd)
Timeline
- Dec 11, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- RHSA-2008:0630 vendor-advisoryx_refsource_REDHAT
- RHSA-2008:0213 vendor-advisoryx_refsource_REDHAT
- x_refsource_MISC
- 31493 third-party-advisoryx_refsource_SECUNIA
- 27959 third-party-advisoryx_refsource_SECUNIA
- RHSA-2008:0151 vendor-advisoryx_refsource_REDHAT
- x_refsource_CONFIRM
- x_refsource_MISC
- 26752 vdb-entryx_refsource_BID
- 20071206 R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities mailing-listx_refsource_BUGTRAQ
- x_refsource_MISC
- 41843 vdb-entryx_refsource_OSVDB
- 41844 vdb-entryx_refsource_OSVDB
- 3430 third-party-advisoryx_refsource_SREASON
- 41845 vdb-entryx_refsource_OSVDB
- RHSA-2008:0158 vendor-advisoryx_refsource_REDHAT
- RHSA-2008:0261 vendor-advisoryx_refsource_REDHAT
- jfreechart-imagemap-xss(38922) vdb-entryx_refsource_XF