Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3253

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3253
Last Modified 07 Mar 2011 10:10:28
Published 22 Jul 2008 12:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3253

Summary

Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Citrix Xenserver 4.1.0


References

XF - citrix-xenserver-xenapihttp-xss(43857)

VUPEN - ADV-2008-2117

SECTRACK - 1020515

BID - 30265

CONFIRM - http://support.citrix.com/article/CTX117814

SECUNIA - 31133


Last Updated: 27 May 2016 10:48:08