VYPR
Unrated severityNVD Advisory· Published Oct 29, 2007· Updated Jun 16, 2026

CVE-2007-5692

CVE-2007-5692

Description

Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to integrator.php; (2) the token parameter in a New Password action, (3) the nid_acl parameter in a Folder Properties action, or (4) the uid parameter in a Modify User action to command.php; or (5) the target parameter to index.php, different vectors than CVE-2006-3320.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Sitebar/Sitebar2 versions
    cpe:2.3:a:sitebar:sitebar:3.3.8:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sitebar:sitebar:3.3.8:*:*:*:*:*:*:*
    • (no CPE)range: =3.3.8

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.