Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2008-7271

Опубликовано: 24 апр. 2008
Источник: redhat
CVSS2: 2.6
EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Certificate System 7.2eclipseWill not fix
Red Hat Certificate System 7.3eclipseWill not fix
Red Hat Developer Suite v.3eclipseWill not fix
Red Hat Enterprise Linux 5eclipseWill not fix
Red Hat Enterprise Linux 6eclipseNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=670944eclipse: Help Content web application vulnerable to multiple XSS flaws

EPSS

Процентиль: 43%
0.00209
Низкий

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2008-7271

ubuntu
почти 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.

nvd логотип

CVE-2008-7271

nvd
почти 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.

debian логотип

CVE-2008-7271

debian
почти 15 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Conten ...

github логотип

GHSA-rpmq-jrch-356w

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.

EPSS

Процентиль: 43%
0.00209
Низкий

2.6 Low

CVSS2

Уязвимость CVE-2008-7271