Back to search
CVE-2008-1468
Published: Mar 24, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
HPSBMA02525
vendor-advisory
x_refsource_HP
SUSE-SR:2008:017
vendor-advisory
x_refsource_SUSE
29561
third-party-advisory
x_refsource_SECUNIA
31687
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-2678
vendor-advisory
x_refsource_FEDORA
HPSBMA02492
vendor-advisory
x_refsource_HP
28380
vdb-entry
x_refsource_BID
JVN#00892830
third-party-advisory
x_refsource_JVN
FEDORA-2008-2767
vendor-advisory
x_refsource_FEDORA
39645
third-party-advisory
x_refsource_SECUNIA
namazu-character-encoding-xss(41360)
vdb-entry
x_refsource_XF
http://www.namazu.org/security.html.en
x_refsource_CONFIRM
29386
third-party-advisory
x_refsource_SECUNIA
SSRT100083
vendor-advisory
x_refsource_HP
SSRT100079
vendor-advisory
x_refsource_HP
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now