Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-0919

Опубликовано: 22 фев. 2008
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:open_source_security_information_management:os-sim:0.1alpha:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.2alpha:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.3.1alpha:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.3alpha:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.6:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.7:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.8:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.9_rc1:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.9_rc2:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.9_rc3:*:*:*:*:*:*:*
cpe:2.3:a:open_source_security_information_management:os-sim:0.9.9_rc4:*:*:*:*:*:*:*

EPSS

Процентиль: 91%
0.07201
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-8792-2rhw-hhh3

github
почти 4 года назад

Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.

EPSS

Процентиль: 91%
0.07201
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79