CVE-2008-1953
Magnolia Enterprise Edition <1.1.5 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the Sitedesigner before 1.1.5 search template in Magnolia Enterprise Edition allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References (4)
Scores
EPSS
0.0029
EPSS Percentile
51.6%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
magnolia/site_designer
< 1.0.13
Timeline
Published
Apr 25, 2008
Tracked Since
Feb 18, 2026