Lucene search

[email protected]CVE-2008-6698

HistoryApr 10, 2009 - 10:00 p.m.

CVE-2008-6698

2009-04-1022:00:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-6698

cross-site scripting

xss

target-e worldcup bets

typo3

vulnerability

web security

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.4%

JSON

Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Affected configurations

NVD

Node

typo3typo3

AND

michael_fritzworldcupMatch0.1.9

michael_fritzworldcupMatch1.2.8

michael_fritzworldcupMatch1.2.9

michael_fritzworldcupMatch1.3.0

michael_fritzworldcupMatch2.0.0

CPENameOperatorVersion
michael_fritz:worldcupmichael fritz worldcupeq0.1.9
michael_fritz:worldcupmichael fritz worldcupeq1.2.8
michael_fritz:worldcupmichael fritz worldcupeq1.2.9
michael_fritz:worldcupmichael fritz worldcupeq1.3.0
michael_fritz:worldcupmichael fritz worldcupeq2.0.0

CPE	Name	Operator	Version
michael_fritz:worldcup	michael fritz worldcup	eq	0.1.9
michael_fritz:worldcup	michael fritz worldcup	eq	1.2.8
michael_fritz:worldcup	michael fritz worldcup	eq	1.2.9
michael_fritz:worldcup	michael fritz worldcup	eq	1.3.0
michael_fritz:worldcup	michael fritz worldcup	eq	2.0.0

References

osvdb.org/46395

typo3.org/teams/security/security-bulletins/typo3-20080619-1/

www.securityfocus.com/bid/29826

exchange.xforce.ibmcloud.com/vulnerabilities/43214

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.4%

JSON

Related for CVE-2008-6698

nvd1 cvelist1 prion1