Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-4130

Опубликовано: 18 сент. 2008
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gallery:gallery:*:*:*:*:*:*:*:*
Версия до 2.2.5 (включая)
cpe:2.3:a:gallery:gallery:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gallery:gallery:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gallery:gallery:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gallery:gallery:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gallery:gallery:2.2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 70%
0.0065
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2008-4130

ubuntu
почти 17 лет назад

Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page."

redhat логотип

CVE-2008-4130

redhat
почти 17 лет назад

Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page."

debian логотип

CVE-2008-4130

debian
почти 17 лет назад

Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 a ...

github логотип

GHSA-62rc-gc2g-m9pr

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page."

EPSS

Процентиль: 70%
0.0065
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79