Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2758


Vulnerability Score 3.5 3.5
CVE Id CVE-2008-2758
Last Modified 25 Apr 2009 01:31:35
Published 18 Jun 2008 06:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE



Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute News Manager XE 3.2 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) pblname and (2) text parameters to (a) admin/search.asp, (3) name parameter to (b) admin/publishers.asp, and other unspecified vectors to (c) anmviewer.asp and (d) editarticleX.asp in admin/. NOTE: some of these details are obtained from third party information.

Vulnerable Systems


  • Xigla Absolute News Manager Xe 3.2


XF - absolutenews-search-publishers-xss(43042)

BID - 29672

SREASON - 3950

SECUNIA - 30643

BUGTRAQ - 20080611 Xigla Multiple Products - Multiple Vulnerabilities


Last Updated: 27 May 2016 10:47:58