ID CVE-2008-5228 Type cve Reporter NVD Modified 2017-08-07T21:33:11
Description
Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 before CF8, when a Page Navigation Component shows menu entries, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in the URI, related to parameters "not being encoded."
{"id": "CVE-2008-5228", "bulletinFamily": "NVD", "title": "CVE-2008-5228", "description": "Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 before CF8, when a Page Navigation Component shows menu entries, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in the URI, related to parameters \"not being encoded.\"", "published": "2008-11-25T18:30:00", "modified": "2017-08-07T21:33:11", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5228", "reporter": "NVD", "references": ["http://www.vupen.com/english/advisories/2008/3234", "http://www-01.ibm.com/support/docview.wss?uid=swg1PK73108", "https://exchange.xforce.ibmcloud.com/vulnerabilities/46749", "http://www.securityfocus.com/bid/32408", "http://www-01.ibm.com/support/docview.wss?uid=swg1PK73933"], "cvelist": ["CVE-2008-5228"], "type": "cve", "lastseen": "2017-08-08T11:25:01", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:ibm:workplace_content_management:6.1", "cpe:/a:ibm:workplace_content_management:6.0"], "cvelist": ["CVE-2008-5228"], "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 before CF8, when a Page Navigation Component shows menu entries, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in the URI, related to parameters \"not being encoded.\"", "edition": 1, "enchantments": {}, "hash": "30ee9bb351fb06abb043a04579215529830a66bd8f82592e9d7eb0a777220f53", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "d130c1e3c510533905949cbae3a5f24a", "key": "cvelist"}, {"hash": "447d74104f7536342706181cc2996101", "key": "title"}, {"hash": "7de35a348a0562c7c2cac7b36eb3863d", "key": "cvss"}, {"hash": "b9b14cad3f446d5b1074ed1c16774705", "key": "references"}, {"hash": "fa8a1287c3e0e5d4cf931f4e3278ea3a", "key": "modified"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "5329d4541e468cfb5df6c3ebb9476e5e", "key": "href"}, {"hash": "e7648dce2cd4762944ada73c04d25d1f", "key": "description"}, {"hash": "5c774d66a9225cfeea1fb73f12486f29", "key": "cpe"}, {"hash": "b672038ffb1d382f42e6a60822b46e2e", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5228", "id": "CVE-2008-5228", "lastseen": "2016-09-03T11:21:25", "modified": "2011-03-07T22:14:12", "objectVersion": "1.2", "published": "2008-11-25T18:30:00", "references": ["http://www.vupen.com/english/advisories/2008/3234", "http://www-01.ibm.com/support/docview.wss?uid=swg1PK73108", "http://www.securityfocus.com/bid/32408", "http://www-01.ibm.com/support/docview.wss?uid=swg1PK73933", "http://xforce.iss.net/xforce/xfdb/46749"], "reporter": "NVD", "scanner": [], "title": "CVE-2008-5228", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T11:21:25"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "5c774d66a9225cfeea1fb73f12486f29"}, {"key": "cvelist", "hash": "d130c1e3c510533905949cbae3a5f24a"}, {"key": "cvss", "hash": "7de35a348a0562c7c2cac7b36eb3863d"}, {"key": "description", "hash": "e7648dce2cd4762944ada73c04d25d1f"}, {"key": "href", "hash": "5329d4541e468cfb5df6c3ebb9476e5e"}, {"key": "modified", "hash": "f50e477dce44c96071aa356dd80a6d91"}, {"key": "published", "hash": "b672038ffb1d382f42e6a60822b46e2e"}, {"key": "references", "hash": "d6c03e0092acf6318b8934c9881f750c"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "447d74104f7536342706181cc2996101"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3796e1a28df7b5356a5a1724a5faa5b8a455fa462644ceaf47b645cb263b73b9", "viewCount": 0, "enchantments": {"vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:ibm:workplace_content_management:6.1", "cpe:/a:ibm:workplace_content_management:6.0"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}