Vulnerability Details CVE-2008-6299
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.3%
CVSS Severity
CVSS v2 Score 3.5
References
- http://developer.joomla.org/security/news/283-20081101-core-comcontent-xss-vulnerability.html
- http://developer.joomla.org/security/news/284-20081102-core-comweblinks-xss-vulnerability.html
- http://secunia.com/advisories/32622
- http://www.joomla.org/announcements/release-news/5219-joomla-158-released.html
- http://www.securityfocus.com/bid/32263
- http://www.vupen.com/english/advisories/2008/3104
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46523
- http://developer.joomla.org/security/news/283-20081101-core-comcontent-xss-vulnerability.html
- http://developer.joomla.org/security/news/284-20081102-core-comweblinks-xss-vulnerability.html
- http://secunia.com/advisories/32622
- http://www.joomla.org/announcements/release-news/5219-joomla-158-released.html
- http://www.securityfocus.com/bid/32263
- http://www.vupen.com/english/advisories/2008/3104
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46523
Products affected by CVE-2008-6299
-
cpe:2.3:a:joomla:joomla:*
-
cpe:2.3:a:joomla:joomla:1.0
-
cpe:2.3:a:joomla:joomla:1.0.0
-
cpe:2.3:a:joomla:joomla:1.0.1
-
cpe:2.3:a:joomla:joomla:1.0.10
-
cpe:2.3:a:joomla:joomla:1.0.11
-
cpe:2.3:a:joomla:joomla:1.0.12
-
cpe:2.3:a:joomla:joomla:1.0.13
-
cpe:2.3:a:joomla:joomla:1.0.14
-
cpe:2.3:a:joomla:joomla:1.0.2
-
cpe:2.3:a:joomla:joomla:1.0.3
-
cpe:2.3:a:joomla:joomla:1.0.4
-
cpe:2.3:a:joomla:joomla:1.0.5
-
cpe:2.3:a:joomla:joomla:1.0.6
-
cpe:2.3:a:joomla:joomla:1.0.7
-
cpe:2.3:a:joomla:joomla:1.0.8
-
cpe:2.3:a:joomla:joomla:1.0.9
-
cpe:2.3:a:joomla:joomla:1.03
-
cpe:2.3:a:joomla:joomla:1.5
-
cpe:2.3:a:joomla:joomla:1.5.0
-
cpe:2.3:a:joomla:joomla:1.5.0_beta
-
cpe:2.3:a:joomla:joomla:1.5.0_beta1
-
cpe:2.3:a:joomla:joomla:1.5.0_beta2
-
cpe:2.3:a:joomla:joomla:1.5.0_rc1
-
cpe:2.3:a:joomla:joomla:1.5.1
-
cpe:2.3:a:joomla:joomla:1.5.2
-
cpe:2.3:a:joomla:joomla:1.5.3
-
cpe:2.3:a:joomla:joomla:1.5.4
-
cpe:2.3:a:joomla:joomla:1.5.5
-
cpe:2.3:a:joomla:joomla:1.5.6
-
cpe:2.3:a:joomla:joomla:1.5rc3
-
cpe:2.3:a:joomla:joomla:1.5rc4