Vulnerability Description
Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| John Godley | Search Unleashed | 0.2.10 |
| Wordpress | Search Unleashed Plugin | 0.2.10 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/28968Vendor Advisory
- http://securityreason.com/securityalert/3674
- http://urbangiraffe.com/tracker/issues/show/60
- http://www.securityfocus.com/archive/1/488109/100/0/threaded
- http://www.securityfocus.com/bid/27791
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40513
- http://secunia.com/advisories/28968Vendor Advisory
- http://securityreason.com/securityalert/3674
- http://urbangiraffe.com/tracker/issues/show/60
- http://www.securityfocus.com/archive/1/488109/100/0/threaded
- http://www.securityfocus.com/bid/27791
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40513
FAQ
What is CVE-2008-0837?
CVE-2008-0837 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s par...
How severe is CVE-2008-0837?
CVE-2008-0837 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0837?
Check the references section above for vendor advisories and patch information. Affected products include: John Godley Search Unleashed, Wordpress Search Unleashed Plugin.