Lucene search
HistoryApr 30, 2008 - 2:10 p.m.
CVE-2008-2026
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.006
Percentile
78.9%
Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258, and other versions before 5.3.3.378, allows remote attackers to inject arbitrary web script or HTML via a URL-encoded postdata parameter. NOTE: this is different than CVE-2005-1118, but it might be the same as CVE-2008-1470.
Affected configurations
Node
rsaauthentication_agentRange≤5.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| rsa | authentication_agent | * | cpe:2.3:a:rsa:authentication_agent:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2008-04-30 14:10:00
Cross site scripting
2008-03-24 22:44:00
cvelist
cvelist
cve
cve
nvd
nvd
CVE-2008-1470
2008-03-24 22:44:00
CVE-2005-1118
2005-04-14 04:00:00
exploitdb
exploitdb
RSA - SecurID Cross-Site Scripting
2010-02-11 00:00:00
RSA WebID 5.3 - 'IISWebAgentIF.dll' Cross-Site Scripting
2008-03-17 00:00:00
RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting
2005-04-15 00:00:00
seebug
seebug
RSA认证代理登录页面IISWebAgentIF.dll跨站脚本漏洞
2008-04-25 00:00:00
openvas
openvas
RSA Security RSA Authentication Agent For Web XSS
2005-11-03 00:00:00
RSA Security RSA Authentication Agent For Web XSS
2005-11-03 00:00:00
nessus
nessus
RSA Security RSA Authentication Agent For Web For IIS XSS
2005-05-09 00:00:00
cert
cert
RSA Authentication Agent for Web fails to properly validate input
2005-06-07 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.006
Percentile
78.9%
Related for NVD:CVE-2008-2026