Lucene search

PRIOn knowledge basePRION:CVE-2008-0444

HistoryJan 25, 2008 - 12:00 a.m.

Cross site scripting

2008-01-2500:00:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%

JSON

Cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via subtext parameter to unspecified components.

CPENameOperatorVersion
elogeq2.0.5
elogeq2.4.0
elogeq2.0.1
elogeq1.2.3
elogeq2.5.2
elogeq2.3.4
elogeq1.0.5
elogeq2.1.3
elogeq2.5.6
elogeq2.2.1

Name	Operator	Version
elog	eq	2.0.5
elog	eq	2.4.0
elog	eq	2.0.1
elog	eq	1.2.3
elog	eq	2.5.2
elog	eq	2.3.4
elog	eq	1.0.5
elog	eq	2.1.3
elog	eq	2.5.6
elog	eq	2.2.1

Rows per page:

1-10 of 681

References

midas.psi.ch/elog/download/ChangeLog

osvdb.org/41681

secunia.com/advisories/28589

www.securityfocus.com/bid/27399

www.vupen.com/english/advisories/2008/0265

exchange.xforce.ibmcloud.com/vulnerabilities/39828