CVE-2008-1972

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in the user account creation feature in Exponent CMS 0.96.6-GA20071003 and earlier, when the Allow Registration? configuration option is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) firstname, (3) lastname, and (4) e-mail address fields. NOTE: some of these details are obtained from third party information.

🔗 References (10)

cve@mitrehttp://secunia.com/advisories/29875
cve@mitrehttp://sourceforge.net/project/shownotes.php?release_id=592961&group_id=118524
cve@mitrehttp://www.exponentcms.org/index.php?action=view&id=64&module=newsmodule&src=%40random44fe03276195
cve@mitrehttp://www.securityfocus.com/bid/28834
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/41878
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29875
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/project/shownotes.php?release_id=592961&group_id=118524
af854a3a-2127-422b-91ae-364da2661108http://www.exponentcms.org/index.php?action=view&id=64&module=newsmodule&src=%40random44fe03276195
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28834
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41878

Is Your Infrastructure Affected by CVE-2008-1972?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-1972

📅 Published

🔄 Last Modified

🔗 References (10)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-1972?