Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2759

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2759
Last Modified 14 Apr 2009 01:32:37
Published 18 Jun 2008 06:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2759

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) showfields, (2) text, and (3) submissions parameters to search.asp and the (4) name parameter to users.asp. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Xigla Absolute Form Processor Xe 4.0


References

XF - absoluteform-search-users-xss(43047)

BID - 29672

SREASON - 3950

SECUNIA - 30640

BUGTRAQ - 20080611 Xigla Multiple Products - Multiple Vulnerabilities

MISC - http://bugreport.ir/index.php?/41


Last Updated: 27 May 2016 10:47:58