CVE-2008-0426

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) headline, or (3) text field in a message.

Reference

http://pacercms.sourceforge.net/index.php/2008/01/21/pacercms-061-streamlines-code-base-addresses-security-issue/
http://secunia.com/advisories/28605
http://www.securityfocus.com/archive/1/486796/100/0/threaded
http://www.securityfocus.com/bid/27386
https://exchange.xforce.ibmcloud.com/vulnerabilities/39832

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

15-10-2018 - 22:00

Objavljeno

23-01-2008 - 22:00