← Voltar para CVEs
CVE-2008-2553
N/ADescricao
Cross-site scripting (XSS) vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to inject arbitrary web script or HTML via the userfield parameter.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado6/5/2008
Ultima modificacao4/9/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
slashcode.com:slash
Fraquezas (CWE)
CWE-79
Referencias
http://secunia.com/advisories/30551(cve@mitre.org)
http://secunia.com/advisories/31691(cve@mitre.org)
http://slashcode.cvs.sourceforge.net/slashcode/slash/Slash/Utility/Environment/Environment.pm?r1=1.223&r2=1.225(cve@mitre.org)
http://www.debian.org/security/2008/dsa-1633(cve@mitre.org)
http://www.securityfocus.com/bid/29548(cve@mitre.org)
http://www.securitytracker.com/id?1020207(cve@mitre.org)
http://www.slashcode.com/article.pl?sid=08/01/07/2314232(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42882(cve@mitre.org)
http://secunia.com/advisories/30551(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31691(af854a3a-2127-422b-91ae-364da2661108)
http://slashcode.cvs.sourceforge.net/slashcode/slash/Slash/Utility/Environment/Environment.pm?r1=1.223&r2=1.225(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2008/dsa-1633(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/29548(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1020207(af854a3a-2127-422b-91ae-364da2661108)
http://www.slashcode.com/article.pl?sid=08/01/04/1950244&tid=4(af854a3a-2127-422b-91ae-364da2661108)
http://www.slashcode.com/article.pl?sid=08/01/07/2314232(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42882(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.