Cross-site scripting (XSS) vulnerability in Nucleus EUC-JP 3.31 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Link | Resource |
---|---|
http://japan.nucleuscms.org/bb/viewtopic.php?t=4131 | Issue Tracking Vendor Advisory |
http://japan.nucleuscms.org/item/47 | Vendor Advisory |
http://jvn.jp/en/jp/JVN92651529/index.html | Third Party Advisory VDB Entry |
http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000066.html | Third Party Advisory VDB Entry |
http://secunia.com/advisories/32123 | Third Party Advisory |
http://www.securityfocus.com/bid/31590 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/45666 | Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2008-10-06 19:54
Updated : 2024-02-04 17:33
NVD link : CVE-2008-4446
Mitre link : CVE-2008-4446
CVE.ORG link : CVE-2008-4446
JSON object : View
Products Affected
nucleus_cms
- nucleus
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')