Vulnerability Description
Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Spacetag | Lacoodast | <= 2.1.3 |
| System Consultants | La Cooda Wiz | <= 1.4.0 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN27417220/index.html
- http://jvn.jp/en/jp/JVN52557009/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000048.html
- http://secunia.com/advisories/31574Vendor Advisory
- http://secunia.com/advisories/31582Vendor Advisory
- http://wiz.syscon.co.jp/Details.htm
- http://www.securityfocus.com/bid/30791
- http://www.spacetag.jp/modules/products/index.php?id=54
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44593
- http://jvn.jp/en/jp/JVN27417220/index.html
- http://jvn.jp/en/jp/JVN52557009/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000048.html
- http://secunia.com/advisories/31574Vendor Advisory
- http://secunia.com/advisories/31582Vendor Advisory
- http://wiz.syscon.co.jp/Details.htm
FAQ
What is CVE-2008-3739?
CVE-2008-3739 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or...
How severe is CVE-2008-3739?
CVE-2008-3739 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3739?
Check the references section above for vendor advisories and patch information. Affected products include: Spacetag Lacoodast, System Consultants La Cooda Wiz.