Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1716

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1716
Last Modified 02 Apr 2009 01:33:09
Published 09 Apr 2008 05:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1716

Summary

Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back in an error message.

Vulnerable Systems

Application

  • Woltlab Burning Board 3.0.5


References

XF - wbb-wcf-page-form-xss(41714)

BID - 28678

BUGTRAQ - 20080412 Re: WoltLab(R) Community Framework WCF 1.0.6

BUGTRAQ - 20080407 WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability

SECUNIA - 29719

FULLDISC - 20080408 WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability


Last Updated: 27 May 2016 10:47:38