Unrated severityNVD Advisory· Published Jan 11, 2007· Updated Jun 16, 2026
CVE-2007-0175
CVE-2007-0175
Description
Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter.
Affected products
2= 1.8.6+ 1 more
- (no CPE)range: = 1.8.6
- (no CPE)range: =1.8.6
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.