Unrated severityNVD Advisory· Published Oct 29, 2007· Updated Apr 23, 2026

CVE-2007-5702

Description

Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.

Affected products

Novell/Opensuse Swamp
cpe:2.3:a:novell:opensuse_swamp:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/27390nvdVendor Advisory
swamp.svn.sourceforge.net/viewvc/swamp/trunk/swamp/webapps/webswamp/src/java/de/suse/swamp/modules/actions/LoginActions.javanvd
www.osvdb.org/38203nvd
www.securityfocus.com/archive/1/482733/100/0/threadednvd
www.securityfocus.com/bid/26198nvd
exchange.xforce.ibmcloud.com/vulnerabilities/37399nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000