CVEブラウザに戻る

CVE-2008-2344

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.0530%

EPSS Percentile25.05th

Published2008年5月19日

Last Modified2026年4月23日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Platforms (CPE)

📦

Typo3

Air Filemanager

= 0.6.0

References & Advisories

🔗 http://typo3.org/teams/security/security-bulletins/typo3-20080515-2/

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/42448

🔗 http://typo3.org/teams/security/security-bulletins/typo3-20080515-2/

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/42448

関連する脆弱性情報

CVE-2008-234510.0

Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrar...

CVE-2008-66857.5

Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers ...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-034610.0

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 ...