Lucene search

[email protected]CVE-2008-4663

HistoryOct 22, 2008 - 2:10 a.m.

CVE-2008-4663

2008-10-2202:10:02

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-4663

cross-site scripting

xss

vulnerability

analysis.cgi

k's cgi access log kaiseki

jcode.pl

jcode.pm

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.4%

JSON

Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used in K’s CGI Access Log Kaiseki (1) jcode.pl and (2) Jcode.pm, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

kumacchiks_cgi_access_logMatch1.44

CPENameOperatorVersion
kumacchi:ks_cgi_access_logkumacchi ks cgi access logeq1.44

CPE	Name	Operator	Version
kumacchi:ks_cgi_access_log	kumacchi ks cgi access log	eq	1.44

References

jvn.jp/en/jp/JVN46869708/index.html

jvn.jp/en/jp/JVN72065744/index.html

jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000043.html

jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000044.html

www.kumacchi.com/cgiroom/cgis/accesslogex/accesslogex.html

www.kumacchi.com/cgiroom/index.html

exchange.xforce.ibmcloud.com/vulnerabilities/46053

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.4%

JSON

Related for CVE-2008-4663

jvn2 nvd1 cvelist1 prion1