CVE Reference: CVE-2008-6879

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-6879

Description:
Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA31523

OSVDB
  51151

CONFIRM
  http://issues.apache.org/roller/browse/ROL-1766
  http://svn.apache.org/viewvc?view=rev&revision=668737

BID
  33110


Return to the previous page.