Lucene search

[email protected]CVE-2008-3121

HistoryJul 10, 2008 - 6:41 p.m.

CVE-2008-3121

2008-07-1018:41:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-3121

cross-site scripting

xss

xerox centreware web

cww

remote authenticated users

web script

html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

xeroxcentreware_webRange≤1.0

xeroxcentreware_webRange≤2.0

xeroxcentreware_webRange≤3

xeroxcentreware_webRange≤4.6.42

CPENameOperatorVersion
xerox:centreware_webxerox centreware weble1.0
xerox:centreware_webxerox centreware weble2.0
xerox:centreware_webxerox centreware weble3
xerox:centreware_webxerox centreware weble4.6.42

CPE	Name	Operator	Version
xerox:centreware_web	xerox centreware web	le	1.0
xerox:centreware_web	xerox centreware web	le	2.0
xerox:centreware_web	xerox centreware web	le	3
xerox:centreware_web	xerox centreware web	le	4.6.42

References

secunia.com/advisories/30978

www.securityfocus.com/bid/30151

www.xerox.com/downloads/usa/en/c/cert_XRX08_008.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/43671

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.4%

JSON

Related for CVE-2008-3121

prion1 cvelist1 nvd1 nessus1