CVE-2008-2398
Published May 21, 2008
Last updated 6 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "357DA904-542F-4E21-9633-DE813B6DF82B",
"versionEndIncluding": "2.5.10"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FAA36DC-B99C-40C5-B614-C451B7FBBFAC"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E3074DE-9611-4A65-B7CE-9131AB8E72CA"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE07EC69-518C-4B89-A1FD-465A0A587B0D"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F66A15D2-6689-47EC-97B4-00D95F78E5F9"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24A8198E-5466-49E9-9177-98D827A7C0FA"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "146CCDCF-E814-40B3-A9D0-AB02B117E9DF"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F4C7348-03B4-4C3C-AB0C-A07582995A36"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03439C26-6D02-498A-BA69-77501770D014"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:1.9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D9141BA-1404-4985-A75B-3BDA082FB08E"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8E93EC1-5308-469F-9443-1B26E1309FC9"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DC735E4-E61A-40D5-8A9B-290A61CDC516"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59FEEF6C-6348-46BD-A804-66122524A0AC"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E2374B0-CAD6-4545-BB09-F6AC5781B6B5"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E57680A-6CEB-4E72-97F0-A80A6551CF85"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "816B562D-31CB-40DE-B221-EC391E39DDAC"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "770FE42B-6F4D-4633-8306-14FFD590FD5C"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D150045-AF98-4494-826D-97056E8A11D1"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE9B317E-5439-45DB-8E10-258703823C0D"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.4a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42661CC5-F4DB-42CC-B5F3-6EFDF0B207F2"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE92F7BE-72CC-4F7D-8B96-52C088F5C54B"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3704D7CB-D8AB-4A6B-B7FD-4AB816B97C59"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE3F10B6-1C1A-4BDE-9E28-2FCB69E23D78"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "616DC2B0-B5C6-4180-B885-91CD407E663D"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.4.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B3A07D6-3407-4805-9FAE-CD450674C35B"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA7AE5BB-05DA-4E2D-AD41-749990292F0E"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A7907A6-B27B-4E0E-BA3F-9EC28B00BEF6"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5252E8E-DACA-4A87-B374-461035E0B6CC"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E8CD53E-5AE3-43A4-8F38-ED907DF3FB76"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BED7E21-B7CF-4DB3-B3A9-ABE14E9DBCD7"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.4a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8E9E73C-D1E5-4326-B93D-10E8A5BC16EA"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF76C69E-0CC8-4864-90D3-7A3932BB1D21"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAA2608C-148D-4FF6-879A-D706FEE85D08"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68DD67F8-A7DF-4D01-9EE1-9C8F253DCFB3"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CD47131-2333-4735-ABA7-628D53D8E3B3"
},
{
"criteria": "cpe:2.3:a:appserv_open_project:appserv:2.5.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B53F0EB6-DB19-454A-9AB7-D920E8971FEC"
}
],
"operator": "OR"
}
]
}
]