Cross-Site Scripting Vulnerability in Novell eDirectory
CVE-2008-5093

Currently unrated

Key Information:

Vendor

Novell
Status
Edirectory
Vendor
CVE Published:
14 November 2008

What is CVE-2008-5093?

A Cross-Site Scripting (XSS) vulnerability exists in the HTTP Protocol Stack (HTTPSTK) of Novell eDirectory prior to version 8.8 SP3. This flaw enables remote attackers to execute arbitrary web scripts or HTML on the vulnerable system, potentially compromising sensitive user data and undermining user trust. The vulnerability can be exploited through various unknown vectors, stressing the importance of timely updates and patches to mitigate such security risks.

References

http://www.securityfocus.com/bid/30947
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/46667
vdb-entryx_refsource_XF
http://www.novell.com/support/viewContent.do?externalId=3...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.