Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2008-2397

Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.6%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2008-2397
  • Dotcms » Dotcms » Version: 1.0
    cpe:2.3:a:dotcms:dotcms:1.0
  • Dotcms » Dotcms » Version: 1.2.0
    cpe:2.3:a:dotcms:dotcms:1.2.0
  • Dotcms » Dotcms » Version: 1.5.0
    cpe:2.3:a:dotcms:dotcms:1.5.0
  • Dotcms » Dotcms » Version: 1.5.1
    cpe:2.3:a:dotcms:dotcms:1.5.1
  • Dotcms » Dotcms » Version: 1.5.1.1
    cpe:2.3:a:dotcms:dotcms:1.5.1.1
  • Dotcms » Dotcms » Version: 1.6
    cpe:2.3:a:dotcms:dotcms:1.6
  • Dotcms » Dotcms » Version: 1.6.0.1
    cpe:2.3:a:dotcms:dotcms:1.6.0.1
  • Dotcms » Dotcms » Version: 1.6.0.2
    cpe:2.3:a:dotcms:dotcms:1.6.0.2
  • Dotcms » Dotcms » Version: 1.6.0.3
    cpe:2.3:a:dotcms:dotcms:1.6.0.3
  • Dotcms » Dotcms » Version: 1.6.0.4
    cpe:2.3:a:dotcms:dotcms:1.6.0.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved