Vulnerability Details CVE-2008-2997
Cross-site scripting (XSS) vulnerability in index.php in Gravity Board X (GBX) 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit (aka create new thread) action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.4%
CVSS Severity
CVSS v2 Score 4.3
References
- http://securityreason.com/securityalert/3970
- http://www.securityfocus.com/bid/29685
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43021
- https://www.exploit-db.com/exploits/5791
- http://securityreason.com/securityalert/3970
- http://www.securityfocus.com/bid/29685
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43021
- https://www.exploit-db.com/exploits/5791
Products affected by CVE-2008-2997
-
cpe:2.3:a:gravityboardx:gravity_board_x:2.0