Lucene search
MitreCVELIST:CVE-2008-3219HistoryJul 18, 2008 - 4:00 p.m.
CVE-2008-3219
2008-07-1816:00:00
mitre
www.cve.org
8
The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before 6.3 does not “prevent use of the object HTML tag in administrator input,” which has unknown impact and attack vectors, probably related to an insufficient cross-site scripting (XSS) protection mechanism.
References
drupal.org/node/280571
secunia.com/advisories/31079
www.openwall.com/lists/oss-security/2008/07/10/3
www.securityfocus.com/bid/30168
bugzilla.redhat.com/show_bug.cgi?id=454849
exchange.xforce.ibmcloud.com/vulnerabilities/43701
www.redhat.com/archives/fedora-package-announce/2008-August/msg00016.html
www.redhat.com/archives/fedora-package-announce/2008-July/msg00527.html
www.redhat.com/archives/fedora-package-announce/2008-July/msg00551.html
Related
ubuntucve
ubuntucve
CVE-2008-3219
2008-07-18 00:00:00
cve
cve
CVE-2008-3219
2008-07-18 16:41:00
nvd
nvd
CVE-2008-3219
2008-07-18 16:41:00
prion
prion
Cross site scripting
2008-07-18 16:41:00
openvas
openvas
Fedora Update for drupal FEDORA-2008-6415
2009-02-17 00:00:00
Fedora Update for drupal FEDORA-2008-6411
2009-02-17 00:00:00
Fedora Update for drupal FEDORA-2008-6415
2009-02-17 00:00:00
nessus
nessus
Fedora 8 : drupal-5.9-1.fc8 (2008-6916)
2008-08-01 00:00:00
Fedora 9 : drupal-6.3-1.fc9 (2008-6415)
2008-07-16 00:00:00
Fedora 8 : drupal-5.8-1.fc8 (2008-6411)
2008-07-16 00:00:00
redhatcve
redhatcve
CVE-2008-3218
2019-10-04 20:14:23