Cross-Site Scripting Vulnerabilities in Parallels H-Sphere
CVE-2008-6465

Currently unrated

Key Information:

Vendor

Parallels

Status
H-sphere
Vendor
CVE Published:
13 March 2009

What is CVE-2008-6465?

Multiple cross-site scripting vulnerabilities exist in the login.php file of webshell4 in Parallels H-Sphere, allowing remote attackers to inject arbitrary web scripts or HTML code. This is accomplished through manipulation of the parameters 'err', 'errorcode', and 'login'. The presence of these vulnerabilities can lead to unauthorized actions on behalf of users, compromising the integrity and security of the application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.xssing.com/index.php?x=3&y=65
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/45252
vdb-entryx_refsource_XF
http://secunia.com/advisories/31830
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.