CVE-2008-3101 in vtigerinformazioni

Riassunto

di MITRE

Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) the parenttab parameter in an index action to the Products module, as reachable through index.php; (2) the user_password parameter in an Authenticate action to the Users module, as reachable through index.php; or (3) the query_string parameter in a UnifiedSearch action to the Home module, as reachable through index.php.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

09/07/2008

Divulgazione

03/09/2008

Moderazione

accettato

Voce

VDB-43868

CPE

pronto

CWE

CWE-79 (confermato)

Sfruttamento

Scaricare

CVSS

4.3 (NVD)

EPSS

0.03768

KEV

Attività

molto basso

Settore

Finance, Chemical, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-3101
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3101
CVE Details	https://www.cvedetails.com/cve/CVE-2008-3101/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to know what is going to be exploited?

We predict KEV entries!