CVE-2008-1037

Sažetak

Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page.

Reference

http://secunia.com/advisories/29119
http://securityreason.com/securityalert/3701
http://www.securityfocus.com/archive/1/488712/100/0/threaded
http://www.securityfocus.com/bid/27982
http://www.securitytracker.com/id?1019501

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

11-10-2018 - 20:29

Objavljeno

27-02-2008 - 19:44