Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6283

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-6283
Last Modified 16 Jul 2013 12:03:22
Published 25 Feb 2009 06:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6283

Summary

Cross-site scripting (XSS) vulnerability in Subtext 2.0 allows remote attackers to inject arbitrary web script or HTML via a comment, related to "the feature which converts URLs to anchor tags."

Vulnerable Systems

Application

  • Subtextproject Subtext 2.0


References

BID - 32513

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=643458&group_id=137896

MISC - http://haacked.com/archive/2008/11/27/subtext-2.1-security-update.aspx

XF - subtext-anchortag-xss(46937)

SECUNIA - 32914

OSVDB - 50235


Last Updated: 27 May 2016 10:49:08