VYPR
Unrated severityNVD Advisory· Published Oct 9, 2007· Updated Jun 16, 2026

CVE-2007-5280

CVE-2007-5280

Description

Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in AppFuse before 2.0 Final allow remote attackers to inject arbitrary web script or HTML via unspecified input that is recorded in (1) success or (2) error messages.

Affected products

2
  • Appfuse/Appfuse2 versions
    cpe:2.3:a:appfuse:appfuse:2.0-rc1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:appfuse:appfuse:2.0-rc1:*:*:*:*:*:*:*
    • (no CPE)range: <2.0 Final

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.