CVE-2008-4168

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 22-09-2008 08:34

Last modified: - 05-10-2022 04:31

Total changes: - 2

Description

Cross-site scripting (XSS) vulnerability in verify_login.jsp in Pro2col Stingray FTS allows remote attackers to inject arbitrary web script or HTML via the form_username parameter (aka user name field).

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:N/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

4.3

Base score

8.6

2.9

Exploitability score

Impact score

Verification logic

Reference

31148-
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3809
4285-
stingray-verifylogin-xss(45107)-
20080912 [scip_Advisory 3809] Pro2col StingRay FTS login username cross site scripting-

Keywords

CVE-2008-4168

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2008-4168

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures