Lucene search

[email protected]CVE-2008-3404

HistoryJul 31, 2008 - 4:41 p.m.

CVE-2008-3404

2008-07-3116:41:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-3404

cross-site scripting

xss

vulnerability

web script

html

mjguest 6.8 gt

guestbook

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.1%

JSON

Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGuest 6.8 GT allows remote attackers to inject arbitrary web script or HTML via the link parameter.

Affected configurations

NVD

Node

mdsjackmjguestMatch6.8gt

CPENameOperatorVersion
mdsjack:mjguestmdsjack mjguesteq6.8

CPE	Name	Operator	Version
mdsjack:mjguest	mdsjack mjguest	eq	6.8

References

marc.info/?l=bugtraq&m=121743234408691&w=2

securityreason.com/securityalert/4085

www.mdsjack.bo.it/files/mjguest.log.txt

www.securityfocus.com/archive/1/497750/100/0/threaded

www.securityfocus.com/bid/30438

exchange.xforce.ibmcloud.com/vulnerabilities/44139

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.1%

JSON

Related for CVE-2008-3404

cvelist1 nvd1 prion1