CVE-2008-6835

UNKNOWN

Cross-site scripting (XSS) vulnerability in OpenID 5

Published Jun 27, 2009

Modified 1 years ago

Details

Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

WEBhttp://drupal.org/node/280592 WEBhttp://drupal.org/node/280593 WEBhttp://osvdb.org/46938 ADVISORYhttp://secunia.com/advisories/31027 WEBhttp://www.securityfocus.com/bid/30165 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2008-6835

CVSS Analysis

CVSS v2.0

4.3

Exploitability

Access Vector

NetworkAV:N

Access Complexity

MediumAC:M

Authentication

NoneAu:N

Impact

Confidentiality

NoneC:N

Integrity

PartialI:P

Availability

NoneA:N

4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N

Ecosystems

Timeline

PublishedJun 27, 2009

ModifiedSep 16, 2024