Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2008-07-28 10:41
Updated : 2017-08-07 18:31
NVD link : CVE-2008-3353
Mitre link : CVE-2008-3353
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
puresw
- lore