CVE-2008-3186

EUVD-2008-3176
Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comments.php, (3) photos.php, (4) archive.php, or (5) cat.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
chipmunk_scriptschipmunk_blogger
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/29883
https://exchange.xforce.ibmcloud.com/vulnerabilities/43319
http://www.securityfocus.com/bid/29883
https://exchange.xforce.ibmcloud.com/vulnerabilities/43319