Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin before 3.0.25, and 3.1.x before 3.1.4, allows remote attackers to inject arbitrary web script or HTML via the file parameter.
References
Link | Resource |
---|---|
http://secunia.com/advisories/30845 | Third Party Advisory |
http://www.caucho.com/resin/changes/changes-31.xtp#3.1.4%20-%20Dec%205%2C%202007 | |
http://www.kb.cert.org/vuls/id/305208 | Third Party Advisory US Government Resource |
http://www.securityfocus.com/bid/29948 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id?1020372 | Third Party Advisory VDB Entry |
http://www.vupen.com/english/advisories/2008/1930/references | Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/43367 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2008-06-30T22:00:00
Updated: 2017-08-07T12:57:01
Reserved: 2008-05-28T00:00:00
Link: CVE-2008-2462
JSON object: View
NVD Information
Status : Modified
Published: 2008-06-30T22:41:00.000
Modified: 2023-11-07T02:02:13.840
Link: CVE-2008-2462
JSON object: View
Redhat Information
No data.
CWE