Description

Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin before 3.0.25, and 3.1.x before 3.1.4, allows remote attackers to inject arbitrary web script or HTML via the file parameter.

Remediation

References

CVE-2008-2462

Related Vulnerabilities

WordPress Plugin RegistrationMagic-User Registration with Custom Registration Forms Cross-Site Request Forgery (5.3.0.0)

OpenSSL Resource Management Errors Vulnerability (CVE-2010-2939)

WordPress Plugin Easy Social Feed-Social Photos Gallery-Post Feed-Like Box Security Bypass (6.3.3)

WordPress Plugin Contact Form Email Cross-Site Scripting (1.3.24)

PHP Resource Management Errors Vulnerability (CVE-2012-0789)

Severity

Medium

Classification

CVE-2008-2462 CWE-707

Tags

Missing Update Known Vulnerabilities