CVE-2008-3397

2008-07-3116:00:00

mitre

www.cve.org

cross-site scripting

runesoft cerberus cms

remote attackers

arbitrary web script

html

cerberus_user cookie

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

57.2%

JSON

Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote attackers to inject arbitrary web script or HTML via a cerberus_user cookie.

References

gl2logic.com/cerberus/cerberus.php?app=Old_News&SHOWID=7

secunia.com/advisories/31218

www.securityfocus.com/bid/30416