QwikSec

Security Database

CVE

CWE

Training

CVE-2008-2133

Published: May 9, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to inject arbitrary web script or HTML via the title parameter in a new entry, as demonstrated by a CSS property in the STYLE attribute of a DIV element, a different vulnerability than CVE-2008-1873.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

nukeet-journalentry-xss(42238)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

http://www.mrzayas.es/2008/05/04/multiples-vulnerabilidades-en-nuket-3x/

x_refsource_MISC

http://truzone.org/modules.php?name=Forums&file=viewtopic&t=55141

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.