CVE-2008-2397

Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Configurations

Configuration 1

cpe:2.3:a:dotcms:dotcms:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6:rc3:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.0:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6:rc2:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6:rc1:*:*:*:*:*:*
cpe:2.3:a:dotcms:dotcms:1.6.0.4:*:*:*:*:*:*:*

Information

Published : 2008-05-21 01:24

Updated : 2017-08-08 01:31


NVD link : CVE-2008-2397

Mitre link : CVE-2008-2397

Products Affected
No products.
CWE