Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2008-4408 - CERT CVE
CVE-2008-4408
ID
CVE-2008-4408
Sažetak
Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, and possibly other versions before 1.13.2 allows remote attackers to inject arbitrary web script or HTML via the useskin parameter to an unspecified component.
Reference
http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-October/000078.html
http://openwall.com/lists/oss-security/2008/10/02/3
http://secunia.com/advisories/32128
http://secunia.com/advisories/32131
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_12_1/phase3/RELEASE-NOTES
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_2/phase3/RELEASE-NOTES
http://www.securityfocus.com/bid/31540
http://www.vupen.com/english/advisories/2008/2737
https://exchange.xforce.ibmcloud.com/vulnerabilities/45632
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00179.html
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00220.html
CVSS
Base:
4.3
Impact:
2.9
Exploitability:
8.6
Pristup
Vektor
Složenost
Autentikacija
NETWORK
MEDIUM
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
NONE
PARTIAL
NONE
CVSS vektor
AV:N/AC:M/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje
08-08-2017 - 01:32
Objavljeno
03-10-2008 - 17:41