CVE-2008-5786

Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
infraesilva
1.0.2
infraesilva
1.0.3
infraesilva
1.1
infraesilva
1.1.1
infraesilva
1.1.2
infraesilva
1.1.4
infraesilva
1.1.5
infraesilva
1.1b1:b1
infraesilva
1.1b2:b2
infraesilva
1.2
infraesilva
1.2.1
infraesilva
1.2.2
infraesilva
1.2.3
infraesilva
1.2b1:b1
infraesilva
1.3
infraesilva
1.3b3:b3
infraesilva
1.4
infraesilva
1.4.1
infraesilva
1.4.2
infraesilva
1.4b1:b1
infraesilva
1.5
infraesilva
1.5.2
infraesilva
1.5.3
infraesilva
1.5.4
infraesilva
1.5.5
infraesilva
1.5.6
infraesilva
1.5.7
infraesilva
1.5.8
infraesilva
1.5.9
infraesilva
1.5.10
infraesilva
1.5.12
infraesilva
1.5b1:b1
infraesilva
1.6
infraesilva
1.6.1
infraesilva
1.6.2
infraesilva
1.6.3
infraesilva
1.6b3:b3
infraesilva
1.6b4:b4
infraesilva
2.0
infraesilva
2.0.1
infraesilva
2.0.2
infraesilva
2.0.3
infraesilva
2.0.4
infraesilva
2.0.5
infraesilva
2.0.6
infraesilva
2.0.7
infraesilva
2.0.8
infraesilva
2.0.9
infraesilva
2.0.10
infraesilva
2.0.12
infraesilva
2.0a1:a1
infraesilva
2.0b1:b1
infraesilva
2.1
infraesilva
2.1a2:a2
infraesilva
2.1b1:b1
infraesilva_find
𝑥
≤ 1.1.5
infraesilva_find
0.1
infraesilva_find
0.1.1
infraesilva_find
0.1.2
infraesilva_find
1.0
infraesilva_find
1.1
infraesilva_find
1.1.1
infraesilva_find
1.1.1.2
infraesilva_find
1.1.1.3
infraesilva_find
1.1.2
infraesilva_find
1.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://holisticinfosec.org/content/view/91/45/
http://secunia.com/advisories/32585
http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07
http://www.osvdb.org/49659
http://www.securityfocus.com/bid/32183
https://exchange.xforce.ibmcloud.com/vulnerabilities/46427
http://holisticinfosec.org/content/view/91/45/
http://secunia.com/advisories/32585
http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07
http://www.osvdb.org/49659
http://www.securityfocus.com/bid/32183
https://exchange.xforce.ibmcloud.com/vulnerabilities/46427