CVE-2008-6299

EUVD-2008-6269
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
joomlajoomla
𝑥
≤ 1.5.7
joomlajoomla
1.0
joomlajoomla
1.0.0
joomlajoomla
1.0.1
joomlajoomla
1.0.2
joomlajoomla
1.0.3
joomlajoomla
1.0.4
joomlajoomla
1.0.5
joomlajoomla
1.0.6
joomlajoomla
1.0.7
joomlajoomla
1.0.8
joomlajoomla
1.0.9
joomlajoomla
1.0.10
joomlajoomla
1.0.11
joomlajoomla
1.0.12
joomlajoomla
1.0.13
joomlajoomla
1.0.14
joomlajoomla
1.03
joomlajoomla
1.5
joomlajoomla
1.5.0:beta
joomlajoomla
1.5.0:beta1
joomlajoomla
1.5.0:beta2
joomlajoomla
1.5.0:rc1
joomlajoomla
1.5.0_beta:_beta
joomlajoomla
1.5.0_beta1:_beta1
joomlajoomla
1.5.0_beta2:_beta2
joomlajoomla
1.5.0_rc1:_rc1
joomlajoomla
1.5.1
joomlajoomla
1.5.2
joomlajoomla
1.5.3
joomlajoomla
1.5.4
joomlajoomla
1.5.5
joomlajoomla
1.5.6
joomlajoomla
1.5rc3:rc3
joomlajoomla
1.5rc4:rc4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://developer.joomla.org/security/news/283-20081101-core-comcontent-xss-vulnerability.html
http://developer.joomla.org/security/news/284-20081102-core-comweblinks-xss-vulnerability.html
http://secunia.com/advisories/32622
http://www.joomla.org/announcements/release-news/5219-joomla-158-released.html
http://www.securityfocus.com/bid/32263
http://www.vupen.com/english/advisories/2008/3104
https://exchange.xforce.ibmcloud.com/vulnerabilities/46523
http://developer.joomla.org/security/news/283-20081101-core-comcontent-xss-vulnerability.html
http://developer.joomla.org/security/news/284-20081102-core-comweblinks-xss-vulnerability.html
http://secunia.com/advisories/32622
http://www.joomla.org/announcements/release-news/5219-joomla-158-released.html
http://www.securityfocus.com/bid/32263
http://www.vupen.com/english/advisories/2008/3104
https://exchange.xforce.ibmcloud.com/vulnerabilities/46523