Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5399

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5399
Last Modified 29 Jan 2009 01:59:07
Published 10 Dec 2008 01:44:41
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5399

Summary

Cross-site scripting (XSS) vulnerability in the listonlineusers (aka "Who's online") component in mvnForum before 1.2.1 GA allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Vulnerable Systems

Application

  • Mvnforum 1.0.0

  • Mvnforum 1.0.2.

  • Mvnforum 1.1

  • Mvnforum 1.2


References

BID - 32605

BUGTRAQ - 20081203 [SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM

CONFIRM - http://www.mvnforum.com/mvnforum/viewthread_thread,4361

SREASON - 4699

MISC - http://security.bkis.vn/?p=286

SECUNIA - 32931

OSVDB - 50403


Last Updated: 27 May 2016 10:48:48