CVE-2008-0200

2008-01-1000:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in account/index.html in RotaBanner Local 3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) drop parameter.

References

lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html

securityreason.com/securityalert/3539

securityvulns.ru/Sdocument625.html

websecurity.com.ua/1442/

www.securityfocus.com/archive/1/485786/100/0/threaded

www.securityfocus.com/bid/27138