mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
82 lines
2.6 KiB
JSON
82 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2008-0769",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://withdk.com/archives/livelink-utf7-xss-advisory.pdf",
|
|
"refsource": "MISC",
|
|
"url": "http://withdk.com/archives/livelink-utf7-xss-advisory.pdf"
|
|
},
|
|
{
|
|
"name": "27537",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/27537"
|
|
},
|
|
{
|
|
"name": "20080131 Livelink UTF-7 XSS Vulnerability",
|
|
"refsource": "FULLDISC",
|
|
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059985.html"
|
|
},
|
|
{
|
|
"name": "28723",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/28723"
|
|
},
|
|
{
|
|
"name": "livelink-utf7-security-bypass(40123)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40123"
|
|
}
|
|
]
|
|
}
|
|
} |