CVE-2008-2764

Xigla Absolute Live Support XE - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Absolute Live Support XE 5.1 allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors ("all fields").

References (5)

[Exploit] http://bugreport.ir/index.php?/41

[Exploit] http://marc.info/?l=bugtraq&m=121322052622903&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43049

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/29672

[Third Party Advisory] http://securityreason.com/securityalert/3950

Scores

EPSS 0.0024

EPSS Percentile 46.8%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

xigla/absolute_live_support_xe

Timeline

Published Jun 18, 2008

Tracked Since Feb 18, 2026