CVE-2008-6428

Опубликовано: 06 мар. 2009

Источник: debian

EPSS Низкий

Описание

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
kaya	fixed	0.4.2-1		package
kaya	no-dsa		etch	package

Примечания

the fix checks with a regex for malicious characters in the HTTP header, see CGI.k changes

EPSS

Процентиль: 54%

0.00309

Низкий

Связанные уязвимости

CVE-2008-6428

ubuntu

почти 17 лет назад

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.

CVE-2008-6428

nvd

почти 17 лет назад

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.

GHSA-r3fc-cv3r-rj38

github

больше 3 лет назад

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.

EPSS

Процентиль: 54%

0.00309

Низкий