Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5757

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2008-5757
Last Modified 07 Jan 2009 12:00:00
Published 30 Dec 2008 02:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2008-5757

Summary

Cross-site scripting (XSS) vulnerability in textarea/index.php in Textpattern (aka Txp CMS) 4.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Body parameter in an article action. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Textpattern 4.0.1

  • Textpattern 4.0.2

  • Textpattern 4.0.3

  • Textpattern 4.0.4

  • Textpattern 4.0.5

  • Textpattern 4.0.6


References

BID - 27606

BUGTRAQ - 20080204 [DSECRG-08-008] Textpattern 4.0.5 Multiple Security Vulnerabilities

SECUNIA - 28793


Last Updated: 27 May 2016 10:48:54