Unrated severityNVD Advisory· Published Aug 9, 2007· Updated Apr 23, 2026

CVE-2007-4265

Description

Multiple cross-site scripting (XSS) vulnerabilities in VisionProject 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) projectIssueId parameter in EditProjectIssue.do, the (2) projectId parameter in ProjectSelected.do, the (3) folderId parameter in ProjectDocuments.do and the (4) sortField parameter in ProjectIssues.do.

Affected products

Visionera Ab/Visionproject
cpe:2.3:a:visionera_ab:visionproject:*:*:*:*:*:*:*:*
Range: <=3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/25218nvdExploit
secunia.com/advisories/26346nvdVendor Advisory
osvdb.org/36433nvd
osvdb.org/36434nvd
osvdb.org/36435nvd
osvdb.org/36436nvd
pridels-team.blogspot.com/2007/08/visionproject-multiple-xss-vuln.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/35825nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000