CVE-2008-3353

Опубликовано: 28 июл. 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature.

Ссылки

http://puresw.com/kb/idx.php/8/025/article/Changelog.html
URL Repurposed
http://secunia.com/advisories/31217
Vendor Advisory
http://www.securityfocus.com/bid/30367
https://exchange.xforce.ibmcloud.com/vulnerabilities/43985
http://puresw.com/kb/idx.php/8/025/article/Changelog.html
URL Repurposed
http://secunia.com/advisories/31217
Vendor Advisory
http://www.securityfocus.com/bid/30367
https://exchange.xforce.ibmcloud.com/vulnerabilities/43985

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:puresw:lore:*:*:*:*:*:*:*:*

Версия до 1.6.3 (включая)

cpe:2.3:a:puresw:lore:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.4.3:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.6:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.7:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.8:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.5.9:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:puresw:lore:1.6.2:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00285

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-qj86-hq7c-367x

github

почти 4 года назад