Vulnerability Description
Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, Mobile Frontier 2.1 and earlier, Diary.cgi (aka Quotes of the Day) 1.5 and earlier, Tor News 1.21 and earlier, Simple BBS 1.3 and earlier, Interactive BBS 1.3 and earlier, Tor Board 1.1 and earlier, Simple Vote 1.1 and earlier, and Com Vote 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tor World | Com Vote | 1.2 |
| Tor World | I-Navigator | 4.0 |
| Tor World | Interactive Bbs | 1.3 |
| Tor World | Mobile Frontier | 2.1 |
| Tor World | Quotes Of The Day | 1.5 |
| Tor World | Simple Bbs | 1.3 |
| Tor World | Simple Vote | 1.1 |
| Tor World | Tor Board | 1.1 |
| Tor World | Tor News | 1.21 |
| Tor World | Tor Search | 1.1 |
Related Weaknesses (CWE)
References
- http://download.torworld.com/bug/20080221.html
- http://jvn.jp/jp/JVN%2354593414/index.html
- http://secunia.com/advisories/29039Vendor Advisory
- http://www.securityfocus.com/bid/27919
- http://download.torworld.com/bug/20080221.html
- http://jvn.jp/jp/JVN%2354593414/index.html
- http://secunia.com/advisories/29039Vendor Advisory
- http://www.securityfocus.com/bid/27919
FAQ
What is CVE-2008-0917?
CVE-2008-0917 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, Mobile Frontier 2.1 and earlier, Diary.cgi (aka Quotes of the Day) 1.5 and earlier, Tor News 1.21 and...
How severe is CVE-2008-0917?
CVE-2008-0917 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0917?
Check the references section above for vendor advisories and patch information. Affected products include: Tor World Com Vote, Tor World I-Navigator, Tor World Interactive Bbs, Tor World Mobile Frontier, Tor World Quotes Of The Day.