CVE-2008-0643

Опубликовано: 12 мар. 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

http://secunia.com/advisories/29332
http://www.adobe.com/support/security/bulletins/apsb08-06.html
Patch
http://www.securityfocus.com/bid/28205
Patch
http://www.securitytracker.com/id?1019589
http://www.vupen.com/english/advisories/2008/0862/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41144
http://secunia.com/advisories/29332
http://www.adobe.com/support/security/bulletins/apsb08-06.html
Patch
http://www.securityfocus.com/bid/28205
Patch
http://www.securitytracker.com/id?1019589
http://www.vupen.com/english/advisories/2008/0862/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41144

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:coldfusion:7.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:coldfusion:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:coldfusion:7.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:coldfusion:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02799

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-93cr-868g-mqgf

github

почти 4 года назад