CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1306

Multiple cross-site scripting (XSS) vulnerabilities in Savvy Content Manager (CM) allow remote attackers to inject arbitrary web script or HTML via the searchterms parameter to (1) searchresults.cfm, (2) search_results.cfm, and (3) search_results/index.cfm. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/29298
http://www.besavvy.com/blog/index.cfm/2008/3/11/Security-Patch
http://www.securityfocus.com/bid/28200
https://exchange.xforce.ibmcloud.com/vulnerabilities/41342
http://secunia.com/advisories/29298
http://www.besavvy.com/blog/index.cfm/2008/3/11/Security-Patch
http://www.securityfocus.com/bid/28200
https://exchange.xforce.ibmcloud.com/vulnerabilities/41342

Products affected by CVE-2008-1306

Besavvy » Savvy Content Manager » Version: Any

cpe:2.3:a:besavvy:savvy_content_manager:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1306

Products

Pricing

Contact Us