CVE-2008-5093

Novell eDirectory < 8.8 SP3 - Cross-Site Scripting

Title source: llm
STIX 2.1

Description

Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30947
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46667
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020785
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2462

Scores

EPSS 0.0064
EPSS Percentile 70.7%

Details

CWE
CWE-79
Status published
Products (16)
novell/edirectory
novell/edirectory 8.0
novell/edirectory 8.5.12a
novell/edirectory 8.5.27
novell/edirectory 8.6.2
novell/edirectory 8.7
novell/edirectory 8.7.1 (2 CPE variants)
novell/edirectory 8.7.3 (10 CPE variants)
novell/edirectory 8.7.3.8
novell/edirectory 8.7.3.8_presp9
... and 6 more
Published Nov 14, 2008
Tracked Since Feb 18, 2026