Cross-site scripting (XSS) vulnerability in textarea/index.php in Textpattern (aka Txp CMS) 4.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Body parameter in an article action. NOTE: some of these details are obtained from third party information.
References
Link | Resource |
---|---|
http://secunia.com/advisories/28793 | Vendor Advisory |
http://www.securityfocus.com/archive/1/487483/100/200/threaded | |
http://www.securityfocus.com/bid/27606 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-12-30T19:00:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-12-30T00:00:00
Link: CVE-2008-5757
JSON object: View
NVD Information
Status : Modified
Published: 2008-12-30T19:30:00.377
Modified: 2018-10-11T20:56:44.260
Link: CVE-2008-5757
JSON object: View
Redhat Information
No data.
CWE