CVE-2008-3596

2008-08-1217:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in Harmoni before 1.4.7 allows remote attackers to inject arbitrary web script or HTML via the Username field, which is inserted into logs that could be rendered when viewed by an administrator.

References

secunia.com/advisories/31406

sourceforge.net/tracker/index.php?func=detail&aid=2040255&group_id=82171&atid=1098812

www.securityfocus.com/bid/30637

exchange.xforce.ibmcloud.com/vulnerabilities/44394