cpe:/a:itn:itn_news_gadget:1.06 CVE-2008-7037 2009-08-24T06:30:01.877-04:00 2017-08-16T21:29:45.770-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-08-24T11:18:00.000-04:00 BID 27725 MISC http://www.mwrinfosecurity.com/publications/mwri_itn-news-gadget-advisory_2008-02-04.pdf XF itnnewsgadget-shorttitle-xss(43563) The Sidebar gadget in ITN News Gadget (aka ITN Hub Gadget) 1.06 for Windows Vista, and possibly other versions before 1.23, allows remote web servers or man-in-the-middle attackers to execute arbitrary commands via script in a short_title response.