CVE-2008-1048

CVE-2008-1048

EPSS 1.1%

Cross-site scripting (XSS) vulnerability in manager/xmedia.php in Plume CMS 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/29116 https://exchange.xforce.ibmcloud.com/vulnerabilities/40841 http://www.digitrustgroup.com/advisories/web-application-security-plume-cms.html http://www.securityfocus.com/bid/27999 http://www.securitytracker.com/id?1019507