3 matches found
CVE-2008-6238
The CVE-2008-6238 entry describes a Cross-site Scripting (XSS) vulnerability in OpenEdit Digital Asset Management (DAM) prior to version 5.2014. The flaw resides in archive/savedqueries/savequeryfinish.html where an attacker can inject arbitrary web script or HTML via the name parameter. The issu...
CVE-2008-6239
CVE-2008-6239 describes a CSRF vulnerability in OpenEdit Digital Asset Management (DAM) prior to 5.2014, allowing remote attackers to perform unspecified actions as arbitrary users via unknown vectors. The NVD entry lists a base score of 6.8 (Medium) with Network attack vector and no authenticati...
CVE-2008-6240
OpenEdit Digital Asset Management (DAM) contains a Cross-site Scripting (XSS) vulnerability in data/views/index.html, exploitable via the catalogid parameter. Affected software is OpenEdit DAM prior to version 5.2014. The vulnerability allows remote attackers to inject arbitrary web script or HTM...