CVE-2008-4909

Compact Cms < 1.1 - XSS

Title source: rule

Description

Cross-site request forgery (CSRF) vulnerability in CompactCMS 1.1 and earlier allows remote attackers to perform unauthorized actions as legitimate users via unspecified vectors.

References (3)

[Various Sources] http://holisticinfosec.org/content/view/90/45/

[Vendor Advisory] http://secunia.com/advisories/32464

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46198

Scores

EPSS 0.0032

EPSS Percentile 54.9%

Classification

CWE

CWE-79

Status published

Affected Products (2)

compact_cms/compact_cms < 1.1

n/a/n/a

Timeline

Published Nov 04, 2008

Tracked Since Feb 18, 2026