CVE-2008-1792
Published Apr 15, 2008
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in the insertion filter in the Flickr Drupal module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-alpha allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "799CA80B-F3FA-4183-A791-2071A7DA1E54"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drupalr:flickr:5.x-0.0-beta:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3DDA2C5-E375-4D1B-A77C-3C6AC3CA85B1"
},
{
"criteria": "cpe:2.3:a:drupalr:flickr:5.x-1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "428C00AC-F002-437F-AE48-9AD80736D1C8"
},
{
"criteria": "cpe:2.3:a:drupalr:flickr:5.x-1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A707077-29CF-4C18-A1EC-E1A9FAD2E2FC"
},
{
"criteria": "cpe:2.3:a:drupalr:flickr:5.x-1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC512201-8791-488A-9CFD-10994D754EC2"
},
{
"criteria": "cpe:2.3:a:drupalr:flickr:5.x-1.x-dev:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "562C6942-42DD-475B-AC82-0CAB6429F5B0"
},
{
"criteria": "cpe:2.3:a:drupalr:flickr:6.x-1.x-dev:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A91C7019-8698-41C8-88DA-99BE98AAD210"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]