Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2008-1474

Published: 24/03/2008 Updated: 08/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Roundup-tracker

Vulnerability Summary

Multiple unspecified vulnerabilities in Roundup prior to 1.4.4 have unknown impact and attack vectors, some of which may be related to cross-site scripting (XSS).

Vulnerable Product Search on Vulmon Subscribe to Product

roundup-tracker roundup

roundup-tracker roundup 1.4.2

roundup-tracker roundup 1.2.1

roundup-tracker roundup 1.2.0

roundup-tracker roundup 0.7.8

roundup-tracker roundup 0.7.7

roundup-tracker roundup 0.7.0

roundup-tracker roundup 0.8.2

roundup-tracker roundup 0.8.3

roundup-tracker roundup 0.8.4

roundup-tracker roundup 0.7.10

roundup-tracker roundup 0.7.11

roundup-tracker roundup 0.5.5

roundup-tracker roundup 0.5.6

roundup-tracker roundup 0.1.2

roundup-tracker roundup 0.2.1

roundup-tracker roundup 0.3.0

roundup-tracker roundup 0.2.6

roundup-tracker roundup 0.4.2

roundup-tracker roundup 0.4.0

roundup-tracker roundup 0.6.0

roundup-tracker roundup 0.5.0

roundup-tracker roundup 0.6.4

roundup-tracker roundup 0.6.3

roundup-tracker roundup 1.3.3

roundup-tracker roundup 1.3.2

roundup-tracker roundup 1.0

roundup-tracker roundup 1.0.1

roundup-tracker roundup 0.7.4

roundup-tracker roundup 0.7.3

roundup-tracker roundup 0.6.10

roundup-tracker roundup 0.6.9

roundup-tracker roundup 0.8.0

roundup-tracker roundup 0.5.9

roundup-tracker roundup 0.5

roundup-tracker roundup 0.5.1

roundup-tracker roundup 0.5.2

roundup-tracker roundup 0.2.5

roundup-tracker roundup 0.2.2

roundup-tracker roundup 1.3.1

roundup-tracker roundup 1.3.0

roundup-tracker roundup 0.7.6

roundup-tracker roundup 0.7.5

roundup-tracker roundup 0.8.6

roundup-tracker roundup 0.9.0

roundup-tracker roundup 0.8.1

roundup-tracker roundup 0.7.9

roundup-tracker roundup 0.5.7

roundup-tracker roundup 0.5.8

roundup-tracker roundup 0.1.1

roundup-tracker roundup 0.1.0

roundup-tracker roundup 0.1.3

roundup-tracker roundup 0.2.3

roundup-tracker roundup 0.2.8

roundup-tracker roundup 0.4.1

roundup-tracker roundup 0.6.6

roundup-tracker roundup 0.6.5

roundup-tracker roundup 1.4.1

roundup-tracker roundup 1.4.0

roundup-tracker roundup 1.1.2

roundup-tracker roundup 1.1.1

roundup-tracker roundup 1.1.0

roundup-tracker roundup 0.7.2

roundup-tracker roundup 0.7.1

roundup-tracker roundup 0.6.8

roundup-tracker roundup 0.6.7

roundup-tracker roundup 0.8.5

roundup-tracker roundup 0.7.12

roundup-tracker roundup 0.6.11

roundup-tracker roundup 0.5.3

roundup-tracker roundup 0.5.4

roundup-tracker roundup 0.2.0

roundup-tracker roundup 0.2.4

roundup-tracker roundup 0.2.7

roundup-tracker roundup 0.6.2

roundup-tracker roundup 0.6.1

Vendor Advisories

Debian CVElist Bug Report Logs: roundup: CVE-2008-1474 unspecified vulnerabilities
Debian Bug report logs - #472643 roundup: CVE-2008-1474 unspecified vulnerabilities Package: roundup; Maintainer for roundup is Kai Storbeck <kai@xs4allnl>; Source for roundup is src:roundup (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Tue, 25 Mar 2008 14:21:01 UTC Severity: important Tags: ...
Debian Security Advisories: DSA-1554-2 roundup -- insufficient input sanitising
Roundup, an issue tracking system, fails to properly escape HTML input, allowing an attacker to inject client-side code (typically JavaScript) into a document that may be viewed in the victim's browser For the stable distribution (etch), this problem has been fixed in version 121-5+etch2 For the unstable distribution (sid), this problem has bee ...

References

CWE-79NVD-CWE-noinfohttps://bugzilla.redhat.com/show_bug.cgi?id=436546http://roundup.cvs.sourceforge.net/roundup/roundup/CHANGES.txt?revision=1.939&view=markuphttps://www.redhat.com/archives/fedora-package-announce/2008-March/msg00264.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-March/msg00375.htmlhttp://www.securityfocus.com/bid/28239http://secunia.com/advisories/29336http://secunia.com/advisories/29375http://www.debian.org/security/2008/dsa-1554http://secunia.com/advisories/29848http://secunia.com/advisories/30274http://security.gentoo.org/glsa/glsa-200805-21.xmlhttp://www.vupen.com/english/advisories/2008/0891https://exchange.xforce.ibmcloud.com/vulnerabilities/41241https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472643https://nvd.nist.govhttps://www.debian.org/security/./dsa-1554
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook