NVD

Id
6677  
Name
CVE-2008-6946  
Description
Cross-site scripting (XSS) vulnerability in manageproject.php in Collabtive 0.4.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via the project Name, which is not properly handled when the administrator performs an editform action, related to admin.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2009-08-12  
Modified Date
2009-08-12  
Seq
2008-6946  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
38330 6677 CVE-2008-6946 7076  View
38331 6677 CVE-2008-6946 20081110 Collabtive 0.4.8 Multiple Vulnerabilities  View
38332 6677 CVE-2008-6946 32229  View
38333 6677 CVE-2008-6946 collabtive-admin-xss(46496)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
42052 JVNDB-2009-003059 Collabtive の manageproject.php におけるクロスサイトスクリプティングの脆弱性 Collabtive の manageproject.php は、管理者が admin.php に関連した editform アクションを実行する際、適切に処理しないため、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-6946 37059 CVE-2008-6946 6677 4.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003059.html 2009-08-12 2012-06-26 View