CVE-2008-6436

Опубликовано: 06 мар. 2009

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235, and 7245 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

http://osvdb.org/45627
http://secunia.com/advisories/30364
Vendor Advisory
http://www.securityfocus.com/bid/29345
http://www.vupen.com/english/advisories/2008/1628/references
Patch
Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_004.pdf
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42595
http://osvdb.org/45627
http://secunia.com/advisories/30364
Vendor Advisory
http://www.securityfocus.com/bid/29345
http://www.vupen.com/english/advisories/2008/1628/references
Patch
Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX08_004.pdf
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42595

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:xerox:workcentre:7132:*:*:*:*:*:*:*

cpe:2.3:h:xerox:workcentre:7228:*:*:*:*:*:*:*

cpe:2.3:h:xerox:workcentre:7235:*:*:*:*:*:*:*

cpe:2.3:h:xerox:workcentre:7245:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00516

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-9h3q-9vqx-98m3

github

больше 3 лет назад