CVE-2007-3056
NVD: Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN 2.0rc4, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the path parameter.
4.3 Severity
MEDIUM EPSS
0.0156 (72) KEV
-
Source-published summary
NVD: Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN 2.0rc4, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the path parameter.
Possible impact
Source describes XSS risk · remote exposure. Possible impact: This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for XSS risk · remote exposure.
Affected context
vendor/product: websvn / websvn
Remediation / advisory
Remediation reference present; patch status requires confirmation in the linked advisory.
Why it matters
Source describes XSS risk · remote exposure. Possible impact: This medium severity issue needs human triage to confirm exposure, affected versions, and vendor guidance for XSS risk · remote exposure.; CVSS 4.3 (MEDIUM); EPSS percentile 72; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD, Vendor Advisory.
What to verify
Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.
Exposure hint
remote exposure
Impact tags
Urgency reasons
Source-derived note
Summary derived from NVD / Vendor Advisory description; unsafe procedural detail is not shown.
Redaction metadata
- source summary used
- True
- fallback summary used
- False
- unsafe procedural detail present
- false
- raw source displayed
- false
- public summary redacted
- true
Remediation handoff
Public-safe static handoff for human/Codex remediation planning. Scan, patch, external execution, and auto remediation are disabled.
Safety note
This radar shows source-published defensive context only. Exploit procedures, exploit strings, scanner commands, and auto-remediation are not provided.