VYPR
Unrated severityNVD Advisory· Published Dec 20, 2007· Updated Jun 16, 2026

CVE-2007-6465

CVE-2007-6465

Description

Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php; the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st parameters to (b) web/graph.php; and the (11) c, (12) G, (13) h, (14) r, (15) m, (16) s, (17) cr, (18) hc, (19) sh, (20) p, (21) t, (22) jr, (23) js, (24) gw, (25) z, and (26) gs parameters to (c) web/get_context.php. NOTE: some of these details are obtained from third party information.

Affected products

2
  • Ganglia/Web2 versions
    cpe:2.3:a:ganglia:ganglia:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ganglia:ganglia:*:*:*:*:*:*:*:*range: <=3.05
    • (no CPE)range: <3.0.6

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.