CVE-2008-7206

Electronic Logbook <2.7.2 - XSS

Title source: llm

Description

Unspecified vulnerability in Electronic Logbook (ELOG) before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting (XSS).

References (4)

[Patch] http://www.securityfocus.com/bid/27526

[Various Sources] https://midas.psi.ch/elog/download/ChangeLog

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/40124

[Third Party Advisory, VDB Entry] http://osvdb.org/41685

Scores

EPSS 0.0032

EPSS Percentile 54.6%

Classification

CWE

CWE-79

Status published

Affected Products (24)

stefan_ritt/elog_web_logbook < 2.7.6

stefan_ritt/elog_web_logbook

... and 9 more

Timeline

Published Sep 11, 2009

Tracked Since Feb 18, 2026