CVE-2008-2768

Xigla Absolute Poll Manager XE - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to inject arbitrary web script or HTML via unspecified vectors ("all fields").

References (5)

[Exploit] http://bugreport.ir/index.php?/41

[Exploit] http://marc.info/?l=bugtraq&m=121322052622903&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43054

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/29672

[Third Party Advisory] http://securityreason.com/securityalert/3950

Scores

EPSS 0.0024

EPSS Percentile 46.8%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

xigla/absolute_poll_manager_xe

Timeline

Published Jun 18, 2008

Tracked Since Feb 18, 2026