NVD

Id
3279  
Name
CVE-2008-3398  
Description
Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to unspecified components, possibly including login.php. NOTE: this may overlap CVE-2008-1129.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-07-31  
Modified Date
2009-01-29  
Seq
2008-3398  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
20698 3279 CVE-2008-3398 4081  View
20699 3279 CVE-2008-3398 6131  View
20700 3279 CVE-2008-3398 20080725 XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities  View
20701 3279 CVE-2008-3398 30369  View
20702 3279 CVE-2008-3398 xrmscrm-msg-xss(43994)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
50771 JVNDB-2008-006081 XRMS CRM におけるクロスサイトスクリプティングの脆弱性 XRMS CRM は、login.php に関する処理に不備があるため、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-3398 33511 CVE-2008-3398 3279 2.6 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006081.html 2008-07-31 2012-12-20 View