CVE-2008-1037

EUVD-2008-1048
Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
packeteerpacketshaper
8.2.2
packeteerpolicycenter
8.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29119
http://securityreason.com/securityalert/3701
http://www.securityfocus.com/archive/1/488712/100/0/threaded
http://www.securityfocus.com/bid/27982
http://www.securitytracker.com/id?1019501
http://secunia.com/advisories/29119
http://securityreason.com/securityalert/3701
http://www.securityfocus.com/archive/1/488712/100/0/threaded
http://www.securityfocus.com/bid/27982
http://www.securitytracker.com/id?1019501