Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4481

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4481
Last Modified 18 Mar 2009 01:43:13
Published 07 Oct 2008 10:00:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4481

Summary

Cross-site scripting (XSS) vulnerability in Redmine 0.7.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Redmine 0.1.0

  • Redmine 0.2.1

  • Redmine 0.2.2

  • Redmine 0.3.0

  • Redmine 0.4.0

  • Redmine 0.4.1

  • Redmine 0.4.2

  • Redmine 0.5.0

  • Redmine 0.5.1

  • Redmine 0.6.0

  • Redmine 0.6.1

  • Redmine 0.6.2

  • Redmine 0.6.3

  • Redmine 0.6.4

  • Redmine 0.7.0

  • Redmine 0.7.1

  • Redmine 0.7.2


References

BID - 30241

XF - redmine-unspecified-xss(43884)

CONFIRM - http://www.redmine.org/wiki/redmine/Changelog

JVNDB - JVNDB-2008-000038

JVN - JVN#00945448


Last Updated: 27 May 2016 10:48:30