Vulnerability Details CVE-2008-2490
Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extension 1.4.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified "user input."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/30386
- http://typo3.org/teams/security/security-bulletins/typo3-20080527-1/
- http://www.vupen.com/english/advisories/2008/1666/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42628
- http://secunia.com/advisories/30386
- http://typo3.org/teams/security/security-bulletins/typo3-20080527-1/
- http://www.vupen.com/english/advisories/2008/1666/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42628
Products affected by CVE-2008-2490
-
cpe:2.3:a:typo3:kj_imagelightbox2:*