Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in TWiki before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via the %URLPARAM{}% variable.
References 6 Total
- securityfocus.com: 32669 vdb-entry
- vupen.com: ADV-2008-3381 vdb-entry
- securitytracker.com: 1021351 vdb-entry
- exchange.xforce.ibmcloud.com: twiki-urlparam-xss(47122) vdb-entry
- http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-5304
- secunia.com: 33040 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- securityfocus.com: 32669 vdb-entryx_transferred
- vupen.com: ADV-2008-3381 vdb-entryx_transferred
- securitytracker.com: 1021351 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: twiki-urlparam-xss(47122) vdb-entryx_transferred
- http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-5304 x_transferred
- secunia.com: 33040 third-party-advisoryx_transferred