Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5668

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5668
Last Modified 29 Jan 2009 01:59:49
Published 18 Dec 2008 08:52:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5668

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments preview section.

Vulnerable Systems

Application

  • Textpattern 4.0.5


References

BID - 27606

CONFIRM - http://textpattern.com/weblog/310/textpattern-406-released

BUGTRAQ - 20080204 [DSECRG-08-008] Textpattern 4.0.5 Multiple Security Vulnerabilities

SREASON - 4786

SECUNIA - 28793


Last Updated: 27 May 2016 10:48:52