Lucene search
FreeBSD578F6322-C450-11DD-A721-0030843D3802HistoryOct 17, 2008 - 12:00 a.m.
habari -- Cross-Site Scripting Vulnerability
2008-10-1700:00:00
vuxml.freebsd.org
11
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.3%
Secunia reports:
Input passed via the “habari_username” parameter when logging in is
not properly sanitised before being returned to the user. This can
be exploited to execute arbitrary HTML and script code in a user’s
browser session in context of an affected site.
Related
nessus
nessus
FreeBSD : habari -- XSS Vulnerability (578f6322-c450-11dd-a721-0030843d3802)
2008-12-08 00:00:00
openvas
openvas
FreeBSD Ports: habari
2008-12-10 00:00:00
FreeBSD Ports: habari
2008-12-10 00:00:00
cvelist
cvelist
CVE-2008-4601
2008-10-17 22:00:00
nvd
nvd
CVE-2008-4601
2008-10-18 00:18:53
cve
cve
CVE-2008-4601
2008-10-18 00:18:53
prion
prion
Cross site scripting
2008-10-18 00:18:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.3%
Related for 578F6322-C450-11DD-A721-0030843D3802