CVE-2008-0925

Novell Edirectory - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the iMonitor interface in Novell eDirectory 8.7.3.x before 8.7.3 sp10, and 8.8.x before 8.8.2 ftf2, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters that are used within "error messages of the HTTP stack."

References (8)

Scores

EPSS 0.0109
EPSS Percentile 77.7%

Classification

CWE
CWE-79
Status draft

Affected Products (16)

novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
novell/edirectory
... and 1 more

Timeline

Published Jun 18, 2008
Tracked Since Feb 18, 2026