Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-7271
HistoryOct 03, 2022 - 4:13 p.m.

CVE-2008-7271

2022-10-0316:13:53
CWE-79
[email protected]
web.nvd.nist.gov
25
cve-2008-7271
xss
eclipse ide
help contents
web application
vulnerability
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.521 Medium

EPSS

Percentile

97.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.

Affected configurations

NVD
Node
eclipseeclipse_ide
OR
eclipseeclipse_ideMatch3.3.2

Related

nvd 2
prion 2
debiancve 2
ubuntucve 2
cvelist 2
nessus 7
openvas 7
ibm 1
cve 1
oraclelinux 1
veracode 1
redhat 1
nvd
nvd
CVE-2008-7271
2011-01-13 19:00:01
CVE-2010-4647
2011-01-13 19:00:04
prion
prion
Cross site scripting
2011-01-13 19:00:00
Cross site scripting
2011-01-13 19:00:00
debiancve
debiancve
CVE-2008-7271
2011-01-13 19:00:00
CVE-2010-4647
2011-01-13 19:00:00
ubuntucve
ubuntucve
CVE-2008-7271
2011-01-13 00:00:00
CVE-2010-4647
2011-01-13 00:00:00
cvelist
cvelist
CVE-2008-7271
2022-10-03 16:13:53
CVE-2010-4647
2011-01-13 18:35:00
nessus
nessus
RHEL 5 : eclipse (Unpatched Vulnerability)
2024-06-03 00:00:00
Fedora 13 : eclipse-3.5.2-4.fc13 (2010-18990)
2010-12-26 00:00:00
Oracle Linux 6 : eclipse (ELSA-2011-0568)
2023-09-07 00:00:00
openvas
openvas
Eclipse IDE < 3.6.2 Help Contents Multiple XSS Vulnerabilities
2011-02-17 00:00:00
Mandriva Update for eclipse MDVSA-2011:032 (eclipse)
2011-02-22 00:00:00
Mandriva Update for eclipse MDVSA-2011:032 (eclipse)
2011-02-22 00:00:00
ibm
ibm
Security Bulletin: Multiple security vulnerabilities in IBM Sales Center for WebSphere Commerce (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-0191, CVE-2012-2159, CVE-2012-2161)
2022-09-26 05:45:55
cve
cve
CVE-2010-4647
2011-01-13 19:00:04
oraclelinux
oraclelinux
eclipse security, bug fix, and enhancement update
2011-05-28 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2020-04-10 01:01:25
redhat
redhat
(RHSA-2011:0568) Low: eclipse security, bug fix, and enhancement update
2011-05-19 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.521 Medium

EPSS

Percentile

97.6%

JSON
Related for CVE-2008-7271
nvd2prion2debiancve2ubuntucve2cvelist2nessus7openvas7ibm1cve1oraclelinux1veracode1redhat1