exploitDog

CVE-2008-2911

Опубликовано: 30 июн. 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters.

Ссылки

http://secunia.com/advisories/30683
Vendor Advisory
http://www.securityfocus.com/bid/29719
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/43107
https://www.exploit-db.com/exploits/5810
http://secunia.com/advisories/30683
Vendor Advisory
http://www.securityfocus.com/bid/29719
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/43107
https://www.exploit-db.com/exploits/5810

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:contenido:contendio:4.8.4:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.0364

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-674g-c7wh-2qvj

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters.

EPSS

Процентиль: 88%

0.0364

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79