CVE-2008-2236
Published Oct 3, 2008
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the flav parameter (flavour variable). NOTE: some of these details are obtained from third party information.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:blosxom:blosxom:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E3A6413-5CC2-4EFA-8851-A6F874798691",
"versionEndIncluding": "2.1.1"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:0.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33DF0C2A-B10B-4893-A0EB-A7A8CDFF197A"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C71E946-DDD0-463A-8EB2-674C3D8770F8"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80C82CC2-6E8D-414B-AD11-8078C0BD6803"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91E96923-1E2D-4D35-9F98-35750B222960"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0-3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7BB3CB8-87D6-4D34-98A4-04E8D0592153"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0-4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9862DB91-E47D-4ABC-B5B6-5150BF8012C6"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A56B2824-8E8E-449D-9339-B2E0A8A734DB"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29604CC5-EB56-451A-8003-9A0C263B782F"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69CBED7A-933C-4A74-A029-171EF2B166F4"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E6211F6-E7D6-43A3-BDD4-6961011CC044"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9ABD2A2-DADD-4828-AE2C-3CA6783210C9"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B7A628E-DF1A-4108-AC0B-1E38B0FC1268"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C82D2040-54E6-41E4-96C5-27108D1A12BD"
},
{
"criteria": "cpe:2.3:a:blosxom:blosxom:2.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA0786AA-42CA-4BFB-BD8B-0726E687DECE"
}
],
"operator": "OR"
}
]
}
]