Summary
Collabtive is prone to multiple remote input-validation vulnerabilities including cross-site scripting, HTML-injection, and directory-traversal issues.
Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code, and steal cookie-based authentication credentials.
Collabtive 0.6.5 is vulnerable
other versions may also be affected.
References
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- AdaptCMS 'init.php' Remote File Include Vulnerability
- Afian 'includer.php' Directory Traversal Vulnerability
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
- Apache Tomcat NIO Connector Denial of Service Vulnerability