[email protected]CVE-2008-7206

HistorySep 11, 2009 - 4:30 p.m.

CVE-2008-7206

2009-09-1116:30:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-7206

electronic logbook

elog

vulnerability

xss

nvd

security

cross-site scripting

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

51.2%

JSON

Unspecified vulnerability in Electronic Logbook (ELOG) before 2.7.2 has unknown impact and attack vectors when the “logbook contains HTML code,” probably cross-site scripting (XSS).

CPENameOperatorVersion
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.1.0
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.0.2
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.6.0
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.2.1
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.5
stefan_ritt:elog_web_logbookstefan ritt elog web logbookle2.7.6
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.6.2
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.2.0
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.2.4
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.5.6

CPE	Name	Operator	Version
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.1.0
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.0.2
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.6.0
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.2.1
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.5
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	le	2.7.6
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.6.2
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.2.0
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.2.4
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.5.6

Rows per page:

1-10 of 231

References

osvdb.org/41685

www.securityfocus.com/bid/27526

exchange.xforce.ibmcloud.com/vulnerabilities/40124

midas.psi.ch/elog/download/ChangeLog

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

51.2%

JSON

Related for CVE-2008-7206

openvas2 cvelist1 prion1