Cross-Site Scripting Vulnerabilities in Tendenci CMS
CVE-2008-0793

Currently unrated

Key Information:

Vendor

Tendenci

Status
Cms
Vendor
CVE Published:
15 February 2008

What is CVE-2008-0793?

Multiple cross-site scripting (XSS) vulnerabilities exist in the search.asp component of Tendenci CMS. These flaws allow remote attackers to inject arbitrary web scripts or HTML through various parameters, including category, searchtext, jobcategoryid, and contactcompany. It remains uncertain if this vulnerability also affects the Tendenci Enterprise Edition or is limited to its deployment on Tendenci’s server infrastructure. The impact of this vulnerability can lead to the unauthorized disclosure of sensitive information and a compromised user experience for visitors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/28882
third-party-advisoryx_refsource_SECUNIA
http://holisticinfosec.blogspot.com/2008/02/fastest-fix-i...
x_refsource_MISC
http://blog.tendenci.com/2008/02/cross-site-scri.html
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.