CVE-2008-2861 in Site Composerinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and the (3) id and (4) txtEmail parameters to login.asp.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

06/24/2008

Disclosure

06/25/2008

CPE

ready

Exploit

Download

CVSS

4.3

EPSS

0.06697

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2008-2861
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2008-2861
CVE Detailshttps://www.cvedetails.com/cve/CVE-2008-2861/

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!