exploitDog

CVE-2008-3668

Опубликовано: 13 авг. 2008

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt Social Network module 3.2 rc1 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the uid parameter to (1) friends.php, (2) seutubo.php, (3) album.php, (4) scrapbook.php, (5) index.php, or (6) tribes.php; or (7) the description field of a new scrap.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:marcello_brandao:yogurt_social_network_module:3.2:rc1:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00335

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-mw89-4hwr-68gg

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt Social Network module 3.2 rc1 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the uid parameter to (1) friends.php, (2) seutubo.php, (3) album.php, (4) scrapbook.php, (5) index.php, or (6) tribes.php; or (7) the description field of a new scrap.

EPSS

Процентиль: 56%

0.00335

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79