CVE-2008-3397
CVE-2008-3397 affects Runesoft Cerberus CMS up to version 3_1.4_0.9. It is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script/HTML via the cerberus_user cookie. Impact is limited to the attacker’s ability to execute scripts in the victim’s browser; no explic...