Lucene search

[email protected]NVD:CVE-2008-6570

HistoryMar 31, 2009 - 5:30 p.m.

CVE-2008-6570

2009-03-3117:30:00

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.3%

JSON

Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.

Affected configurations

NVD

Node

cybozugaroonMatch2.0.0

cybozugaroonMatch2.0.1

cybozugaroonMatch2.0.2

cybozugaroonMatch2.0.3

cybozugaroonMatch2.0.4

cybozugaroonMatch2.0.5

cybozugaroonMatch2.0.6

cybozugaroonMatch2.1.0

cybozugaroonMatch2.1.1

cybozugaroonMatch2.1.2

cybozugaroonMatch2.1.3

References

cybozu.co.jp/products/dl/notice/detail/0023.html

jvn.jp/en/jp/JVN52363223/index.html

jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000035.html

osvdb.org/46565

secunia.com/advisories/30871

www.lac.co.jp/english/advisory/99_e.html

www.securityfocus.com/bid/29981

exchange.xforce.ibmcloud.com/vulnerabilities/43426

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.3%

JSON

Related for NVD:CVE-2008-6570

cve2 cvelist2 jvn1 prion2 nvd1