CVE-2008-2553
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2008-2553
Status
Candidate
Description
Cross-site scripting (XSS) vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to inject arbitrary web script or HTML via the userfield parameter.
Phase
Assigned (05.06.2008)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2553
References
BID :
29548
CONFIRM :
http://slashcode.cvs.sourceforge.net/slashcode/sla...
CONFIRM :
http://www.slashcode.com/article.pl?sid=08/01/04/1...
CONFIRM :
http://www.slashcode.com/article.pl?sid=08/01/07/2...
DEBIAN :
DSA-1633
SECTRACK :
1020207
SECUNIA :
30551
SECUNIA :
31691
XF :
slash-userfield-xss(42882)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
