CVE-2008-5808

{"id": "CVE-2008-5808", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-01-02T18:11:09.500", "references": [{"url": "http://jvn.jp/en/jp/JVN02216739/index.html", "source": "cve@mitre.org"}, {"url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000067.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/32935", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.movabletype.jp/blog/_movable_type_423.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/32604", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47019", "source": "cve@mitre.org"}, {"url": "http://jvn.jp/en/jp/JVN02216739/index.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000067.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/32935", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.movabletype.jp/blog/_movable_type_423.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/32604", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47019", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Six Apart Movable Type Enterprise (MTE) 1.x before 1.56; Movable Type (MT) 3.x before 3.38; and Movable Type, Movable Type Open Source (MTOS), and Movable Type Enterprise 4.x before 4.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to \"application management.\""}, {"lang": "es", "value": "Vulnerabilidad de Secuencias de comandos en Sitios Cruzados (XSS) en Six Apart Movable Type Enterprise (MTE) v1.x anteriores a v1.56; Movable Type (MT) v3.x anteriores a v3.38; y Movable Type, Movable Type Open Source (MTOS), y Movable Type Enterprise v4.x anteriores a v4.23, permite a atacantes remotos inyectar secuencias de comandos Web o HTML a trav\u00e9s de vectores no especificados, posiblemente est\u00e9 relacionado con \"gesti\u00f3n de la aplicaci\u00f3n\"."}], "lastModified": "2024-11-21T00:54:57.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:six_apart:movable_type:4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D62FC8B9-3B6A-46C6-94CD-E35941BB64C4"}, {"criteria": "cpe:2.3:a:six_apart:movable_type:4:unknown:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00239DBB-03C7-4E5C-860E-D0437702748B"}, {"criteria": "cpe:2.3:a:six_apart:movable_type:4:unknown:open_source:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB619291-69AA-4F90-8A3F-B9814906E890"}, {"criteria": "cpe:2.3:a:six_apart:movable_type:4.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C55BC3C3-83AB-452C-AC2D-A53B3E0C3473"}, {"criteria": "cpe:2.3:a:six_apart:movable_type:4.20:unknown:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B1D9C09-2BA0-484A-A0C3-6683B773F247"}, {"criteria": "cpe:2.3:a:six_apart:movable_type:4.20:unknown:open_source:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCDC2602-7A4F-460A-B440-A0B6AC96C8C6"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:1.00:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1A33E50-6BFD-418F-9F3E-B42C013AA0F4"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:1.1:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC0F1B54-554E-45C7-8943-A73086C88385"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:1.2:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A56CDA00-DC8E-4042-A882-FB6D7D2F43B7"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:1.3:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C8F4F3A-9942-4263-BC42-CDCDACDFF2E3"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:1.4:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38626110-81A0-4C99-AB8F-D77FDF662887"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:1.5:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5212ADBE-9F50-4EAB-AC28-91314AA24595"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:1.31:*:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3542C36E-E457-46DD-A5F7-BD22E16F1C46"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.0d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "461319CC-BCDC-4E24-B384-1EEC8B7C4596"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "967DAF27-D561-4FDB-A65C-788551871E5E"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.01d:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD460D1D-5971-491E-863A-D230A0B28ED4"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BC178AF-FAF7-49E2-8AE7-1858BD67F44B"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CEA1C54-4636-44B1-B620-85F0D870797E"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1819A7A1-366A-4168-AE0E-4CE1FF0D3E3C"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9F743E8-72E9-4AEB-B137-A61EB67B8FF5"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE92182C-5BBE-4FCD-959B-E95630D16E17"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99E9BE91-D42E-4523-A48E-E7B4FBE7A924"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C5935CA-FDE2-4300-8091-DBD0DC4D2081"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF080128-CC7C-4F71-9268-B7691D54F358"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4783C1BD-B2BA-4D86-A61D-3EB2396DE1D1"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50782308-93FA-4F8F-93FB-4A4E55D95360"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5C968A9-F07A-4C99-B4A5-434E96DDB928"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:3.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9CD9174-EE47-40B8-8F49-81EAD89267D5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}