CVE

Id
30693  
CVE No.
CVE-2008-0576  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors that write to summary table pages.  
Phase
Assigned (20080204)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
326514 30693 CVE-2008-0576 CONFIRM:http://drupal.org/node/216062  View
326515 30693 CVE-2008-0576 VUPEN:ADV-2008-0376  View
326516 30693 CVE-2008-0576 URL:http://www.vupen.com/english/advisories/2008/0376/references  View
326517 30693 CVE-2008-0576 SECUNIA:28731  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
47373 JVNDB-2008-002683 Geert Moernaut LSrunasE および Supercrypt における暗号鍵を取得される脆弱性 Geert Moernaut LSrunasE および Supercrypt は、実行形式ファイル埋め込まれた固定文字の SHA1 ハッシュの生成に暗号鍵を使用するため、リバースエンジニアリング無しにこの鍵を取得される脆弱性が存在します。 CVE-2008-0580 30693 2.1 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002683.html  View