Cross-Site Scripting Vulnerability in Apache Roller by Apache
CVE-2008-6879

Currently unrated

Key Information:

Vendor

Apache
Status
Roller
Vendor
CVE Published:
30 July 2009

What is CVE-2008-6879?

A Cross-Site Scripting (XSS) vulnerability exists in multiple versions of Apache Roller, allowing remote attackers to inject arbitrary web scripts or HTML. This flaw specifically arises through the 'q' parameter in the search action, which can be exploited to manipulate user inputs and execute unauthorized scripts in the context of an affected user’s session. This vulnerability poses significant security risks as it can lead to data theft, session hijacking, and possibly broader attacks on the web application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/31523
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/51151
vdb-entryx_refsource_OSVDB
http://svn.apache.org/viewvc?view=rev&revision=668737
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.