Lucene search

MitreCVE-2008-1212

HistoryMar 08, 2008 - 12:44 a.m.

CVE-2008-1212

2008-03-0800:44:00

CWE-79

mitre

web.nvd.nist.gov

cve

podcast generator

xss

vulnerability

web script

html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

49.5%

JSON

Cross-site scripting (XSS) vulnerability in set_permissions.php in Podcast Generator 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the scriptlang parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

podcast_generatorpodcast_generatorMatch0.96.2

VendorProductVersionCPE
podcast_generatorpodcast_generator0.96.2cpe:2.3:a:podcast_generator:podcast_generator:0.96.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
podcast_generator	podcast_generator	0.96.2	cpe:2.3:a:podcast_generator:podcast_generator:0.96.2:::::::*

References

www.securityfocus.com/bid/28106

exchange.xforce.ibmcloud.com/vulnerabilities/41130

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

49.5%

JSON

Related for CVE-2008-1212