CVE-2008-3353

2008-07-2817:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature.

References

puresw.com/kb/idx.php/8/025/article/Changelog.html

secunia.com/advisories/31217

www.securityfocus.com/bid/30367

exchange.xforce.ibmcloud.com/vulnerabilities/43985