Unrated severityNVD Advisory· Published Jul 10, 2007· Updated Jun 16, 2026
CVE-2007-3672
CVE-2007-3672
Description
Cross-site scripting (XSS) vulnerability in ecrire/tools.php in DotClear 1.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified form fields on the blogroll page.
Affected products
2Patches
Vulnerability mechanics
References
3- secunia.com/advisories/25971nvdVendor Advisory
- ar3av.free.fr/faille-dotclear.phpnvd
- osvdb.org/43958nvd
News mentions
0No linked articles in our index yet.