NVD

Id
4360  
Name
CVE-2008-4537  
Description
Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.1.1-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17336 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4535 and CVE-2008-4536.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-10-10  
Modified Date
2009-01-10  
Seq
2008-4537  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
27522 4360 CVE-2008-4537 JVN#26621646  View
27523 4360 CVE-2008-4537 JVNDB-2008-000062  View
27524 4360 CVE-2008-4537 http://www.ec-cube.net/release/detail.php?release_id=193  View
27525 4360 CVE-2008-4537 31509  View
27526 4360 CVE-2008-4537 eccube-unspecified3-xss(45851)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
45669 JVNDB-2008-000062 EC-CUBE におけるクロスサイトスクリプティングの脆弱性 株式会社ロックオンが提供する EC-CUBE には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-4537 34650 CVE-2008-4537 4360 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000062.html 2008-10-01 2009-08-25 View