mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
77 lines
2.4 KiB
JSON
77 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2008-3596",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site scripting (XSS) vulnerability in Harmoni before 1.4.7 allows remote attackers to inject arbitrary web script or HTML via the Username field, which is inserted into logs that could be rendered when viewed by an administrator."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=2040255&group_id=82171&atid=1098812",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=2040255&group_id=82171&atid=1098812"
|
|
},
|
|
{
|
|
"name": "harmoni-username-xss(44394)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44394"
|
|
},
|
|
{
|
|
"name": "31406",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/31406"
|
|
},
|
|
{
|
|
"name": "30637",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/30637"
|
|
}
|
|
]
|
|
}
|
|
} |