dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks.
Metrics
Affected Vendors & Products
References
History
Thu, 03 Apr 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: mitre
Published: 2007-11-05T18:00:00.000Z
Updated: 2025-04-03T14:17:15.947Z
Reserved: 2007-11-05T00:00:00.000Z
Link: CVE-2007-5817

Updated: 2024-08-07T15:47:00.217Z

Status : Deferred
Published: 2007-11-05T18:46:00.000
Modified: 2025-04-09T00:30:58.490
Link: CVE-2007-5817

No data.