Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1470


Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1470
Last Modified 25 Jul 2011 12:00:00
Published 24 Mar 2008 06:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118.

Vulnerable Systems


  • Rsa Webid 5.3


BID - 28277

BUGTRAQ - 20080317 Security Advisory on RSA Web ID (XSS)

SREASON - 3768

Last Updated: 27 May 2016 10:47:08