CVE-2008-2788

Opendocman - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter.

References (2)

[Patch, Vendor Advisory] http://secunia.com/advisories/30750

[Product] http://sourceforge.net/tracker/index.php?func=detail&aid=1975163&group_id=69505&atid=524753

Scores

EPSS 0.0026

EPSS Percentile 49.4%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

opendocman/opendocman

Timeline

Published Jun 20, 2008

Tracked Since Feb 18, 2026