NVD

Id
2435  
Name
CVE-2008-2527  
Description
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-06-03  
Modified Date
2009-04-08  
Seq
2008-2527  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
15472 2435 CVE-2008-2527 http://www.majorsecurity.de/index_2.php?major_rls=major_rls52  View
15473 2435 CVE-2008-2527 20080512 [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues  View
15474 2435 CVE-2008-2527 29177  View
15475 2435 CVE-2008-2527 actualanalyzer-view-xss(42367)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47810 JVNDB-2008-003120 複数の ActualScripts ActualAnalyzer 製品におけるクロスサイトスクリプティングの脆弱性 ActualScripts ActualAnalyzer Server、ActualAnalyzer Gold、ActualAnalyzer Pro および ActualAnalyzer Lite の view.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-2527 32640 CVE-2008-2527 2435 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003120.html 2008-06-03 2012-06-26 View