CVE-2008-5786

2008-12-3111:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

65.1%

JSON

Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter.

References

holisticinfosec.org/content/view/91/45/

secunia.com/advisories/32585

www.infrae.com/newsitems/silva_security_bulletin_08-11-07

www.osvdb.org/49659

www.securityfocus.com/bid/32183

exchange.xforce.ibmcloud.com/vulnerabilities/46427