Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5228

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2008-5228
Last Modified 07 Mar 2011 10:14:12
Published 25 Nov 2008 06:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-5228

Summary

Cross-site scripting (XSS) vulnerability in IBM Workplace Content Management (WCM) 6.0G and 6.1 before CF8, when a Page Navigation Component shows menu entries, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in the URI, related to parameters "not being encoded."

Vulnerable Systems

Application

  • Ibm Workplace Content Management 6.0

  • Ibm Workplace Content Management 6.1


References

AIXAPAR - PK73933

XF - ibm-lotus-workplace-navigation-xss(46749)

VUPEN - ADV-2008-3234

BID - 32408

AIXAPAR - PK73108

SECUNIA - 32763


Last Updated: 27 May 2016 10:48:44