Lucene search

[email protected]CVE-2008-2209

HistoryMay 14, 2008 - 5:20 p.m.

CVE-2008-2209

2008-05-1417:20:00

CWE-79

[email protected]

web.nvd.nist.gov

maian greeting

xss

web script injection

html injection

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script and (2) msg_script2 parameters.

Affected configurations

NVD

Node

maianscriptworldmaian_greetingMatch2.1

CPENameOperatorVersion
maianscriptworld:maian_greetingmaianscriptworld maian greetingeq2.1

CPE	Name	Operator	Version
maianscriptworld:maian_greeting	maianscriptworld maian greeting	eq	2.1

References

secunia.com/advisories/30069

securityreason.com/securityalert/3887

www.securityfocus.com/archive/1/491582/100/0/threaded

www.securityfocus.com/bid/29032

exchange.xforce.ibmcloud.com/vulnerabilities/42200

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%

JSON

Related for CVE-2008-2209

cvelist1 nvd1 prion1