Cross-Site Scripting Vulnerabilities in XAMPP 1.6.7 by Apache Friends
CVE-2008-3569

Currently unrated

Key Information:

Vendor: Apache Friends
Status: Xampp
Vendor: CVE Published:; 10 August 2008

🔔 Create Apache Friends Vulnerability Alert

What is CVE-2008-3569?

Multiple cross-site scripting (XSS) vulnerabilities exist in XAMPP 1.6.7 when register_globals is enabled. Attackers can exploit these vulnerabilities to inject arbitrary web scripts or HTML through the 'text' parameter specifically in iart.php and ming.php. This poses a significant security risk as it allows remote attackers to manipulate content and potentially compromise systems using the affected software.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/44214

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/30535

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/4127

third-party-advisoryx_refsource_SREASON

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 10, 2008
Vulnerability Reserved
Aug 10, 2008

JSON