Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
References
Link | Resource |
---|---|
http://jvn.jp/en/jp/JVN38893575/index.html | Vendor Advisory |
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000008.html | Vendor Advisory |
http://www.rcdtokyo.com/pc2m/note/archives/i000854.php | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/49227 | |
http://jvn.jp/en/jp/JVN38893575/index.html | Vendor Advisory |
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000008.html | Vendor Advisory |
http://www.rcdtokyo.com/pc2m/note/archives/i000854.php | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/49227 |
Configurations
History
21 Nov 2024, 00:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://jvn.jp/en/jp/JVN38893575/index.html - Vendor Advisory | |
References | () http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000008.html - Vendor Advisory | |
References | () http://www.rcdtokyo.com/pc2m/note/archives/i000854.php - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/49227 - |
Information
Published : 2009-03-09 14:30
Updated : 2024-11-21 00:56
NVD link : CVE-2008-6450
Mitre link : CVE-2008-6450
CVE.ORG link : CVE-2008-6450
JSON object : View
Products Affected
under_construction_baby
- pc2m
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')