CVE-2008-3847

Description

Multiple cross-site scripting (XSS) vulnerabilities in AN Guestbook (ANG) before 0.7.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

• aguestbook / an_guestbook0.7.5
• aguestbook / an_guestbook0.1 – 0.1
• aguestbook / an_guestbook0.2 – 0.2
• aguestbook / an_guestbook0.3.1 – 0.3.1
• aguestbook / an_guestbook0.3.2 – 0.3.2
• aguestbook / an_guestbook0.3.3 – 0.3.3
• aguestbook / an_guestbook0.3.4 – 0.3.4
• aguestbook / an_guestbook0.3.5 – 0.3.5
• aguestbook / an_guestbook0.4 – 0.4
• aguestbook / an_guestbook0.4.1 – 0.4.1
• aguestbook / an_guestbook0.4.5 – 0.4.5
• aguestbook / an_guestbook0.5 – 0.5
• aguestbook / an_guestbook0.6 – 0.6
• aguestbook / an_guestbook0.7 – 0.7
• aguestbook / an_guestbook0.7.1 – 0.7.1

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/44671
• MISChttp://sourceforge.net/forum/forum.php?forum_id=860304
• MISChttp://www.securityfocus.com/bid/30830
• VENDOR_ADVISORYhttp://secunia.com/advisories/31608