Vulnerability Description
Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote attackers to inject arbitrary web script or HTML via the (1) author_name, (2) itemtitle, and (3) item parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| E107 | E107 | 0.7.11 |
Related Weaknesses (CWE)
References
- http://www.juniper.net/security/auto/vulnerabilities/vuln28982.html
- http://www.securityfocus.com/bid/28982
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42248
- http://www.juniper.net/security/auto/vulnerabilities/vuln28982.html
- http://www.securityfocus.com/bid/28982
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42248
FAQ
What is CVE-2008-6208?
CVE-2008-6208 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in submitnews.php in e107 CMS 0.7.11 allows remote attackers to inject arbitrary web script or HTML via the (1) author_name, (2) itemtitle, and (3) item parame...
How severe is CVE-2008-6208?
CVE-2008-6208 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6208?
Check the references section above for vendor advisories and patch information. Affected products include: E107 E107.