Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2008/06/30 12:0 a.m.63 views

CGIWrap Charset Specification Weakness Error Message XSS

The remote host is running CGIWrap, a wrapper for CGI scripts to provide enhanced security. The version of CGIWrap installed on the remote host does not specify a charset when responses are for error pages. An attacker may be able to leverage this issue to inject arbitrary HTML and script code in...

4.3CVSS5.8AI score0.0125EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2008/06/25 12:36 p.m.11 views

CVE-2008-2852

Cross-site scripting XSS vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages...

4.3CVSS5.9AI score0.0125EPSS
Exploits0References1
NVD
NVD
added 2008/06/25 12:36 p.m.16 views

CVE-2008-2852

Cross-site scripting XSS vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages...

4.3CVSS5.5AI score0.0125EPSS
Exploits0References6
CVE
CVE
added 2008/06/25 10:0 a.m.68 views

CVE-2008-2852

CGIWrap before 4.1 is affected by CVE-2008-2852, an XSS due to error messages not specifying a charset. When using Internet Explorer-based browsers, attackers could inject arbitrary HTML/JS via error responses. The OpenVAS/Nessus/VM sources confirm the IE-specific vector and the CGIWrap XSS descr...

4.3CVSS5.4AI score0.0125EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder