CVE-2008-0438 in sIFR信息

摘要

由 VulDB • 2026-07-12

Novemberborn sIFR 2.0.2 中字体渲染功能存在跨站脚本(XSS)漏洞,远程攻击者可通过向 Flash (SWF) 文件传递 txt 参数注入任意 Web 脚本或 HTML,如 fonts/FuturaLt.swf 所示。

If you want to get best quality of vulnerability data, you may have to visit VulDB.

来源

Do you know our Splunk app?

Download it now for free!