CVE-2008-5720

EUVD-2022-4479
Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
seasarmayaa
𝑥
≤ 1.1.22
seasarmayaa
0.1.0
seasarmayaa
0.1.0f:f
seasarmayaa
0.1.1
seasarmayaa
0.1.2
seasarmayaa
0.1.3
seasarmayaa
0.2.0
seasarmayaa
0.3.0
seasarmayaa
0.4.0
seasarmayaa
0.9.0
seasarmayaa
0.9.1
seasarmayaa
0.9.2
seasarmayaa
0.9.3
seasarmayaa
0.9.4
seasarmayaa
0.9.5
seasarmayaa
0.9.6
seasarmayaa
0.9.7
seasarmayaa
0.9.7.1
seasarmayaa
0.9.8
seasarmayaa
0.9.9
seasarmayaa
0.9.10
seasarmayaa
0.9.11
seasarmayaa
0.9.12
seasarmayaa
0.9.13
seasarmayaa
0.9.14
seasarmayaa
0.9.15
seasarmayaa
0.9.16
seasarmayaa
0.9.17
seasarmayaa
0.9.18
seasarmayaa
0.9.19
seasarmayaa
0.9.20
seasarmayaa
0.9.20a:a
seasarmayaa
1.0.0
seasarmayaa
1.0.0:beta1
seasarmayaa
1.0.0:beta2
seasarmayaa
1.0.0:beta3
seasarmayaa
1.0.0:rc1
seasarmayaa
1.0.1
seasarmayaa
1.0.2
seasarmayaa
1.0.3
seasarmayaa
1.1.0
seasarmayaa
1.1.0:beta1
seasarmayaa
1.1.0:beta2
seasarmayaa
1.1.0:beta3
seasarmayaa
1.1.0:beta4
seasarmayaa
1.1.0:beta5
seasarmayaa
1.1.0:beta6
seasarmayaa
1.1.1
seasarmayaa
1.1.2
seasarmayaa
1.1.3
seasarmayaa
1.1.4
seasarmayaa
1.1.5
seasarmayaa
1.1.6
seasarmayaa
1.1.7
seasarmayaa
1.1.8
seasarmayaa
1.1.9
seasarmayaa
1.1.10
seasarmayaa
1.1.11
seasarmayaa
1.1.12
seasarmayaa
1.1.13
seasarmayaa
1.1.14
seasarmayaa
1.1.15
seasarmayaa
1.1.16
seasarmayaa
1.1.17
seasarmayaa
1.1.18
seasarmayaa
1.1.19
seasarmayaa
1.1.20
seasarmayaa
1.1.21
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN17298485/index.html
http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html
http://mayaa.seasar.org/news/vulnerability20081225.html
http://osvdb.org/51007
http://secunia.com/advisories/33333
http://www.securityfocus.com/bid/33015
https://exchange.xforce.ibmcloud.com/vulnerabilities/47623
http://jvn.jp/en/jp/JVN17298485/index.html
http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html
http://mayaa.seasar.org/news/vulnerability20081225.html
http://osvdb.org/51007
http://secunia.com/advisories/33333
http://www.securityfocus.com/bid/33015
https://exchange.xforce.ibmcloud.com/vulnerabilities/47623