← Back to CVEs
CVE-2008-2553
N/ADescription
Cross-site scripting (XSS) vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to inject arbitrary web script or HTML via the userfield parameter.
CVE Details
CVSS v3.1 ScoreN/A
Published6/5/2008
Last Modified4/9/2025
Sourcenvd
Honeypot Sightings0
Affected Products
slashcode.com:slash
Weaknesses (CWE)
CWE-79
References
http://secunia.com/advisories/30551(cve@mitre.org)
http://secunia.com/advisories/31691(cve@mitre.org)
http://slashcode.cvs.sourceforge.net/slashcode/slash/Slash/Utility/Environment/Environment.pm?r1=1.223&r2=1.225(cve@mitre.org)
http://www.debian.org/security/2008/dsa-1633(cve@mitre.org)
http://www.securityfocus.com/bid/29548(cve@mitre.org)
http://www.securitytracker.com/id?1020207(cve@mitre.org)
http://www.slashcode.com/article.pl?sid=08/01/07/2314232(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42882(cve@mitre.org)
http://secunia.com/advisories/30551(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31691(af854a3a-2127-422b-91ae-364da2661108)
http://slashcode.cvs.sourceforge.net/slashcode/slash/Slash/Utility/Environment/Environment.pm?r1=1.223&r2=1.225(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2008/dsa-1633(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/29548(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1020207(af854a3a-2127-422b-91ae-364da2661108)
http://www.slashcode.com/article.pl?sid=08/01/04/1950244&tid=4(af854a3a-2127-422b-91ae-364da2661108)
http://www.slashcode.com/article.pl?sid=08/01/07/2314232(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42882(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.