SecuritySpace - CVE-2008-1165

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2008-1165

Description: Multiple cross-site scripting (XSS) vulnerabilities in Flyspray 0.9.9 through 0.9.9.4 allow remote attackers to inject arbitrary web script or HTML via (1) a forced SQL error message or (2) old_value and new_value database fields in task summaries, related to the item_summary parameter in a details action in index.php. NOTE: some of these details are obtained from third party information.

Test IDs: 1.3.6.1.4.1.25623.1.0.61798

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-1165
http://secunia.com/advisories/29215
XForce ISS Database: flyspray-itemsummary-xss(40963)
https://exchange.xforce.ibmcloud.com/vulnerabilities/40963

CVE ID:	CVE-2008-1165
Description:	Multiple cross-site scripting (XSS) vulnerabilities in Flyspray 0.9.9 through 0.9.9.4 allow remote attackers to inject arbitrary web script or HTML via (1) a forced SQL error message or (2) old_value and new_value database fields in task summaries, related to the item_summary parameter in a details action in index.php. NOTE: some of these details are obtained from third party information.
Test IDs:	1.3.6.1.4.1.25623.1.0.61798
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1165 http://secunia.com/advisories/29215 XForce ISS Database: flyspray-itemsummary-xss(40963) https://exchange.xforce.ibmcloud.com/vulnerabilities/40963