Approved changes feed: RSS · Atom
cpe:2.3:a:sage:sage:1.3.6:*:*:*:*:*:*:*
part: a version: 1.3.6 update: *
| Vendor | Sage (c8b89926-672a-55fd-8b90-8159b08c65cc) |
|---|---|
| Product | Sage (dbd65aaa-a59f-5203-a794-3fdbcfdcf186) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2007-0896 |
vulnerable | 2026-06-08 04:49:33.703189 |
Details available
Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712.
Published: 2007-02-13T11:00:00.000Z
Updated: 2024-08-07T12:34:21.204Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-4712 |
vulnerable | 2026-06-08 04:49:18.596606 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read arbitrary local files, aka "Cross Context Scripting."
Published: 2006-09-12T16:00:00.000Z
Updated: 2024-08-07T19:23:40.500Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.