CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2008-6465
https://notcve.org/view.php?id=CVE-2008-6465
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters. Múltiples vulnerabilidades ejecución de secuencias de comandos en sitios cruzados (XSS) en login.php en webshell4 en Parallels H-Sphere 3.0.0 P9 y el 3.1 P1 permiten a atacantes remotos inyectar HTML o scripts web arbitrarios a través de los parámetros (1) err, (2) errorcode, y (3) login. • http://osvdb.org/48232 http://secunia.com/advisories/31830 http://www.securityfocus.com/bid/31256 http://www.xssing.com/index.php?x=3&y=65 https://exchange.xforce.ibmcloud.com/vulnerabilities/45252 https://exchange.xforce.ibmcloud.com/vulnerabilities/45254 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •