CVE-2008-3874

2008-08-29T17:41:00
ID CVE-2008-3874
Type cve
Reporter cve@mitre.org
Modified 2018-10-11T20:50:00

Description

Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Value field (aka Label ==> Value pairs). NOTE: some of these details are obtained from third party information.