CVE-2008-2236

Blosxom < 2.1.1 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the flav parameter (flavour variable). NOTE: some of these details are obtained from third party information.

References (6)

Scores

EPSS 0.0047
EPSS Percentile 64.5%

Classification

CWE
CWE-79
Status published

Affected Products (16)

blosxom/blosxom < 2.1.1
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
blosxom/blosxom
... and 1 more

Timeline

Published Oct 03, 2008
Tracked Since Feb 18, 2026