cvelistv5 - cve-2008-5720

CVE-2008-5720 (GCVE-0-2008-5720)

Vulnerability from cvelistv5 – Published: 2008-12-26 17:08 – Updated: 2024-08-07 11:04

Summary

Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/33333	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/33015	vdb-entryx_refsource_BID
	http://osvdb.org/51007	vdb-entryx_refsource_OSVDB
	http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-0…	third-party-advisoryx_refsource_JVNDB
	http://mayaa.seasar.org/news/vulnerability20081225.html	x_refsource_CONFIRM
	http://jvn.jp/en/jp/JVN17298485/index.html	third-party-advisoryx_refsource_JVN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T11:04:44.475Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "mayaa-errorpage-xss(47623)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
          },
          {
            "name": "33333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33333"
          },
          {
            "name": "33015",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33015"
          },
          {
            "name": "51007",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/51007"
          },
          {
            "name": "JVNDB-2008-000085",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
          },
          {
            "name": "JVN#17298485",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-12-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "mayaa-errorpage-xss(47623)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
        },
        {
          "name": "33333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33333"
        },
        {
          "name": "33015",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33015"
        },
        {
          "name": "51007",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/51007"
        },
        {
          "name": "JVNDB-2008-000085",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
        },
        {
          "name": "JVN#17298485",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5720",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "mayaa-errorpage-xss(47623)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
            },
            {
              "name": "33333",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33333"
            },
            {
              "name": "33015",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33015"
            },
            {
              "name": "51007",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/51007"
            },
            {
              "name": "JVNDB-2008-000085",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
            },
            {
              "name": "http://mayaa.seasar.org/news/vulnerability20081225.html",
              "refsource": "CONFIRM",
              "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
            },
            {
              "name": "JVN#17298485",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-5720",
    "datePublished": "2008-12-26T17:08:00",
    "dateReserved": "2008-12-26T00:00:00",
    "dateUpdated": "2024-08-07T11:04:44.475Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.1.22\", \"matchCriteriaId\": \"148D2F2D-C7DF-4476-B523-0663690E5F23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35502985-0EE4-4EFE-A65E-12D45424C6BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.1.0f:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DA3AEC8-6526-44E8-BE50-B1A0A24999BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42B07EC1-5014-4844-9745-F5DD5BBA5235\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"460CEC42-E7B3-4861-8178-BAAC984D3786\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE16C6F2-BB97-453F-AD80-FB841DBB3764\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D1BD85C-DF97-4F1C-8F9C-3590AE0A7E62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F8379E6-B059-4AA3-AD99-D0F05CDB62E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E224FB88-039B-43CE-BE26-E1BC7611A4E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DE7C9C9-EA81-4F24-8F00-A4EDCC56C123\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70CD409C-D6EB-4B1B-AA24-3A4724C4C5AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"705A1021-26AB-4C2F-902C-EFE1DF378476\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5A2BC02-842E-4263-B45A-5DE39159ABFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F75E8386-97FF-4BAA-B093-F53AEC61572D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE4C76DD-D022-4DA7-8193-DE4ADB393473\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1DDF6FE-CA59-449D-89CA-43755517CF45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"407F6DF4-55C2-4ACF-8CC1-621A08451416\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C1E71AF-4B0B-4B93-8FC1-66C377854600\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB2151E1-F2BC-4211-AC23-E8EA02459DD7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D08D030-935A-4637-A9E0-28A8B80C5F7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AB5FEAA-DE93-4924-AC01-9CD0AB2CF0C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"015902EF-F87C-423C-AFD4-B5EC4AB58037\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02B5E666-9D5D-4C22-B289-27C8C27D1EA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB812D74-B5BF-4DC2-8F2D-3E4D19FB955E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2E15228-1F9D-4116-BCF2-8AB81791F776\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2678FE15-D74B-4719-94AD-4F4170755996\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F99F56A-03B9-41A0-B41B-85BF64807950\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A68E53E-E11A-4E61-9154-AB53B46435FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA485425-CBBF-4421-9EF9-E15624741FFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63785AB0-8297-4604-9E80-F81268FE3E3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87BC2330-8532-410E-9175-400D7A197B1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:0.9.20a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9BE5E1D-0576-4DE3-AA70-693B45C4408D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8768412-0081-4A58-A6BC-35EAE0949CE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D9D4CFA-D58F-4A87-95E3-BFB46AF932BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"70E05F24-2792-4C43-B692-85D3D70BDB3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8D7FF44-1D82-4B05-9937-59A910F58736\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA135D9F-AE1E-4A73-878B-210B64DB6473\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AC0E8CB-FF8F-4FA0-A004-777C7E5B696C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E96BBA4-C1D6-4AE5-A637-92E770B0CCC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0CBD141-BCE4-479B-AA95-8B9FBFAE6EFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4669663-C2D1-4076-A4CD-F032A14B4F5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"233A0A34-91F5-4CD9-96C3-75DD710E8606\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"58BE8980-14BE-453D-9760-C50FA9859F5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"96F6668F-9596-4CEB-8905-4FB5CC20587A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"78BF40B5-0721-4C91-A4F3-3BAEA5B2268B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.0:beta5:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6A44DD1-52EF-40BA-8303-28C7CE842410\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.0:beta6:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E1EE904-9EA4-445A-BCDB-4C624AA46233\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ECD0FC53-3AF7-45A3-BF6C-A27199F4AAB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28957D35-8DEE-4DA8-A565-95DF7AC4E294\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B22EC4D0-341D-4964-BFBD-BAEE9400A7C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E521783A-C6E9-4B2D-A295-9722259C4B9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CFC65F3-4B38-4B29-9B1C-325A36F1A6A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D321E720-6E00-4EB2-B253-4BDF766BCE3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BDCFEFD-39A0-4966-8A24-8AE9F0A051FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A09402E8-C487-46D0-9B96-5458968D7A50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A93043D-C586-43D9-9B37-A413D8AFEE8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E50D7FA7-AD00-41A7-9952-DDDC6C7D6410\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABA29603-1916-4211-B5F9-437A82000E79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C20AE9F9-E78E-42E6-8B85-0016AAAC51AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D5307D6-DB49-4913-A7E8-2BA117116B51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FEB5E1D-576A-4D16-85F6-344ADF9EB6DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53C3510A-067B-4029-A859-7F15E366B5D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBCFC635-CDB0-48BD-AFB1-250F77A3CDF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D349E517-F99B-41E5-B6FF-AAA0BAB361FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3060AE4D-91CB-471E-961C-2C24EE0EE11E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48834D46-3613-4C28-AE6E-8C83A665163D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61F1478D-1963-4597-8D93-600DE54155EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:seasar:mayaa:1.1.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A60A6991-2388-4A8A-B410-C075056796CF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mayaa antes de v1.1.23 permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante vectores no especificados que involucran la p\\u00e1gina de error por defecto para la excepci\\u00f3n org.seasar.mayaa.impl.engine.PageNotFoundException y posiblemente otras excepciones.\"}]",
      "id": "CVE-2008-5720",
      "lastModified": "2024-11-21T00:54:44.150",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2008-12-26T17:30:00.483",
      "references": "[{\"url\": \"http://jvn.jp/en/jp/JVN17298485/index.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://mayaa.seasar.org/news/vulnerability20081225.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/51007\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/33333\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/33015\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/47623\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://jvn.jp/en/jp/JVN17298485/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://mayaa.seasar.org/news/vulnerability20081225.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/51007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/33333\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/33015\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/47623\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-5720\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-12-26T17:30:00.483\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mayaa antes de v1.1.23 permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante vectores no especificados que involucran la p\u00e1gina de error por defecto para la excepci\u00f3n org.seasar.mayaa.impl.engine.PageNotFoundException y posiblemente otras excepciones.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.22\",\"matchCriteriaId\":\"148D2F2D-C7DF-4476-B523-0663690E5F23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35502985-0EE4-4EFE-A65E-12D45424C6BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.1.0f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DA3AEC8-6526-44E8-BE50-B1A0A24999BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42B07EC1-5014-4844-9745-F5DD5BBA5235\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"460CEC42-E7B3-4861-8178-BAAC984D3786\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE16C6F2-BB97-453F-AD80-FB841DBB3764\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1BD85C-DF97-4F1C-8F9C-3590AE0A7E62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F8379E6-B059-4AA3-AD99-D0F05CDB62E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E224FB88-039B-43CE-BE26-E1BC7611A4E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DE7C9C9-EA81-4F24-8F00-A4EDCC56C123\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70CD409C-D6EB-4B1B-AA24-3A4724C4C5AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"705A1021-26AB-4C2F-902C-EFE1DF378476\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5A2BC02-842E-4263-B45A-5DE39159ABFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F75E8386-97FF-4BAA-B093-F53AEC61572D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4C76DD-D022-4DA7-8193-DE4ADB393473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1DDF6FE-CA59-449D-89CA-43755517CF45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"407F6DF4-55C2-4ACF-8CC1-621A08451416\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C1E71AF-4B0B-4B93-8FC1-66C377854600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB2151E1-F2BC-4211-AC23-E8EA02459DD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D08D030-935A-4637-A9E0-28A8B80C5F7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AB5FEAA-DE93-4924-AC01-9CD0AB2CF0C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"015902EF-F87C-423C-AFD4-B5EC4AB58037\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02B5E666-9D5D-4C22-B289-27C8C27D1EA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB812D74-B5BF-4DC2-8F2D-3E4D19FB955E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2E15228-1F9D-4116-BCF2-8AB81791F776\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2678FE15-D74B-4719-94AD-4F4170755996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F99F56A-03B9-41A0-B41B-85BF64807950\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A68E53E-E11A-4E61-9154-AB53B46435FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA485425-CBBF-4421-9EF9-E15624741FFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63785AB0-8297-4604-9E80-F81268FE3E3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87BC2330-8532-410E-9175-400D7A197B1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:0.9.20a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9BE5E1D-0576-4DE3-AA70-693B45C4408D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8768412-0081-4A58-A6BC-35EAE0949CE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D9D4CFA-D58F-4A87-95E3-BFB46AF932BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"70E05F24-2792-4C43-B692-85D3D70BDB3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8D7FF44-1D82-4B05-9937-59A910F58736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA135D9F-AE1E-4A73-878B-210B64DB6473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AC0E8CB-FF8F-4FA0-A004-777C7E5B696C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E96BBA4-C1D6-4AE5-A637-92E770B0CCC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0CBD141-BCE4-479B-AA95-8B9FBFAE6EFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4669663-C2D1-4076-A4CD-F032A14B4F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"233A0A34-91F5-4CD9-96C3-75DD710E8606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"58BE8980-14BE-453D-9760-C50FA9859F5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"96F6668F-9596-4CEB-8905-4FB5CC20587A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"78BF40B5-0721-4C91-A4F3-3BAEA5B2268B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6A44DD1-52EF-40BA-8303-28C7CE842410\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E1EE904-9EA4-445A-BCDB-4C624AA46233\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECD0FC53-3AF7-45A3-BF6C-A27199F4AAB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28957D35-8DEE-4DA8-A565-95DF7AC4E294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B22EC4D0-341D-4964-BFBD-BAEE9400A7C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E521783A-C6E9-4B2D-A295-9722259C4B9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CFC65F3-4B38-4B29-9B1C-325A36F1A6A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D321E720-6E00-4EB2-B253-4BDF766BCE3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BDCFEFD-39A0-4966-8A24-8AE9F0A051FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A09402E8-C487-46D0-9B96-5458968D7A50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A93043D-C586-43D9-9B37-A413D8AFEE8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E50D7FA7-AD00-41A7-9952-DDDC6C7D6410\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABA29603-1916-4211-B5F9-437A82000E79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C20AE9F9-E78E-42E6-8B85-0016AAAC51AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D5307D6-DB49-4913-A7E8-2BA117116B51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FEB5E1D-576A-4D16-85F6-344ADF9EB6DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53C3510A-067B-4029-A859-7F15E366B5D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBCFC635-CDB0-48BD-AFB1-250F77A3CDF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D349E517-F99B-41E5-B6FF-AAA0BAB361FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3060AE4D-91CB-471E-961C-2C24EE0EE11E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48834D46-3613-4C28-AE6E-8C83A665163D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61F1478D-1963-4597-8D93-600DE54155EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:seasar:mayaa:1.1.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A60A6991-2388-4A8A-B410-C075056796CF\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/en/jp/JVN17298485/index.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://mayaa.seasar.org/news/vulnerability20081225.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/51007\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/33333\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/33015\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/47623\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jvn.jp/en/jp/JVN17298485/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://mayaa.seasar.org/news/vulnerability20081225.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/51007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/33333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/33015\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/47623\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2008-5720

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-5720

Aliases

CVE-2008-5720

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-5720",
    "description": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions.",
    "id": "GSD-2008-5720"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-5720"
      ],
      "details": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions.",
      "id": "GSD-2008-5720",
      "modified": "2023-12-13T01:23:03.780110Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-5720",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "mayaa-errorpage-xss(47623)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
          },
          {
            "name": "33333",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/33333"
          },
          {
            "name": "33015",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33015"
          },
          {
            "name": "51007",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/51007"
          },
          {
            "name": "JVNDB-2008-000085",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
          },
          {
            "name": "http://mayaa.seasar.org/news/vulnerability20081225.html",
            "refsource": "CONFIRM",
            "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
          },
          {
            "name": "JVN#17298485",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.1.22",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.20a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.0:beta5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.0:beta4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.0:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.1.0f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.0:beta6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.0:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.1.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:1.0.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.9.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:seasar:mayaa:0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5720"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://mayaa.seasar.org/news/vulnerability20081225.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
            },
            {
              "name": "JVNDB-2008-000085",
              "refsource": "JVNDB",
              "tags": [],
              "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
            },
            {
              "name": "JVN#17298485",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
            },
            {
              "name": "33333",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/33333"
            },
            {
              "name": "51007",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/51007"
            },
            {
              "name": "33015",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/33015"
            },
            {
              "name": "mayaa-errorpage-xss(47623)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-08T01:33Z",
      "publishedDate": "2008-12-26T17:30Z"
    }
  }
}

GHSA-M3P9-C7P3-XXMP

Vulnerability from github – Published: 2022-05-17 02:17 – Updated: 2024-02-09 18:52

Summary

Mayaa Cross-site Scripting vulnerability

Details

Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.github.seasarorg.mayaa:mayaa"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.23"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2008-5720"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-09T18:52:47Z",
    "nvd_published_at": "2008-12-26T17:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the `org.seasar.mayaa.impl.engine.PageNotFoundException` exception and possibly other exceptions.",
  "id": "GHSA-m3p9-c7p3-xxmp",
  "modified": "2024-02-09T18:52:47Z",
  "published": "2022-05-17T02:17:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5720"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/seasarorg/mayaa"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20090622223640/http://secunia.com/advisories/33333"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200301074809/http://www.securityfocus.com/bid/33015"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
    },
    {
      "type": "WEB",
      "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Mayaa Cross-site Scripting vulnerability "
}

JVNDB-2008-000085

Vulnerability from jvndb - Published: 2008-12-25 16:22 - Updated:2008-12-25 16:22

Severity ?

() - -

Summary

Mayaa cross-site scripting vulnerability

Details

Mayaa from Seasar Project contains a cross-site scripting vulnerability. Mayaa from Seasar Project is an open source Java template engine. The default error page that Mayaa displays contains a cross-site scripting vulnerability. Tetsuo Nakamura of NEC Soft,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN17298485/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5720
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5720
	SECUNIA	http://secunia.com/advisories/33333
	BID	http://www.securityfocus.com/bid/33015
	XF	http://xforce.iss.net/xforce/xfdb/47623
	OSVDB	http://osvdb.org/51007
	JVNDB_Ja	http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000085.html
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Mayaa

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html",
  "dc:date": "2008-12-25T16:22+09:00",
  "dcterms:issued": "2008-12-25T16:22+09:00",
  "dcterms:modified": "2008-12-25T16:22+09:00",
  "description": "Mayaa from Seasar Project contains a cross-site scripting vulnerability. \r\n\r\nMayaa from Seasar Project is an open source Java template engine. The default error page that Mayaa displays contains a cross-site scripting vulnerability. \r\n\r\nTetsuo Nakamura of NEC Soft,Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html",
  "sec:cpe": {
    "#text": "cpe:/a:the_seasar_foundation:mayaa",
    "@product": "Mayaa",
    "@vendor": "Mayaa",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2008-000085",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN17298485/index.html",
      "@id": "JVN#17298485",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5720",
      "@id": "CVE-2008-5720",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5720",
      "@id": "CVE-2008-5720",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/33333",
      "@id": "SA33333",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/33015",
      "@id": "33015",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/47623",
      "@id": "47623",
      "@source": "XF"
    },
    {
      "#text": "http://osvdb.org/51007",
      "@id": "51007",
      "@source": "OSVDB"
    },
    {
      "#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000085.html",
      "@id": "JVNDB-2008-000085",
      "@source": "JVNDB_Ja"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Mayaa cross-site scripting vulnerability"
}

FKIE_CVE-2008-5720

Vulnerability from fkie_nvd - Published: 2008-12-26 17:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://jvn.jp/en/jp/JVN17298485/index.html
	cve@mitre.org	http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html
	cve@mitre.org	http://mayaa.seasar.org/news/vulnerability20081225.html
	cve@mitre.org	http://osvdb.org/51007
	cve@mitre.org	http://secunia.com/advisories/33333
	cve@mitre.org	http://www.securityfocus.com/bid/33015
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/47623
	af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN17298485/index.html
	af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html
	af854a3a-2127-422b-91ae-364da2661108	http://mayaa.seasar.org/news/vulnerability20081225.html
	af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/51007
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33333
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33015
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/47623

Impacted products

Vendor	Product	Version
seasar	mayaa	*
seasar	mayaa	0.1.0
seasar	mayaa	0.1.0f
seasar	mayaa	0.1.1
seasar	mayaa	0.1.2
seasar	mayaa	0.1.3
seasar	mayaa	0.2.0
seasar	mayaa	0.3.0
seasar	mayaa	0.4.0
seasar	mayaa	0.9.0
seasar	mayaa	0.9.1
seasar	mayaa	0.9.2
seasar	mayaa	0.9.3
seasar	mayaa	0.9.4
seasar	mayaa	0.9.5
seasar	mayaa	0.9.6
seasar	mayaa	0.9.7
seasar	mayaa	0.9.7.1
seasar	mayaa	0.9.8
seasar	mayaa	0.9.9
seasar	mayaa	0.9.10
seasar	mayaa	0.9.11
seasar	mayaa	0.9.12
seasar	mayaa	0.9.13
seasar	mayaa	0.9.14
seasar	mayaa	0.9.15
seasar	mayaa	0.9.16
seasar	mayaa	0.9.17
seasar	mayaa	0.9.18
seasar	mayaa	0.9.19
seasar	mayaa	0.9.20
seasar	mayaa	0.9.20a
seasar	mayaa	1.0.0
seasar	mayaa	1.0.0
seasar	mayaa	1.0.0
seasar	mayaa	1.0.0
seasar	mayaa	1.0.0
seasar	mayaa	1.0.1
seasar	mayaa	1.0.2
seasar	mayaa	1.0.3
seasar	mayaa	1.1.0
seasar	mayaa	1.1.0
seasar	mayaa	1.1.0
seasar	mayaa	1.1.0
seasar	mayaa	1.1.0
seasar	mayaa	1.1.0
seasar	mayaa	1.1.0
seasar	mayaa	1.1.1
seasar	mayaa	1.1.2
seasar	mayaa	1.1.3
seasar	mayaa	1.1.4
seasar	mayaa	1.1.5
seasar	mayaa	1.1.6
seasar	mayaa	1.1.7
seasar	mayaa	1.1.8
seasar	mayaa	1.1.9
seasar	mayaa	1.1.10
seasar	mayaa	1.1.11
seasar	mayaa	1.1.12
seasar	mayaa	1.1.13
seasar	mayaa	1.1.14
seasar	mayaa	1.1.15
seasar	mayaa	1.1.16
seasar	mayaa	1.1.17
seasar	mayaa	1.1.18
seasar	mayaa	1.1.19
seasar	mayaa	1.1.20
seasar	mayaa	1.1.21

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "148D2F2D-C7DF-4476-B523-0663690E5F23",
              "versionEndIncluding": "1.1.22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35502985-0EE4-4EFE-A65E-12D45424C6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.1.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DA3AEC8-6526-44E8-BE50-B1A0A24999BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42B07EC1-5014-4844-9745-F5DD5BBA5235",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "460CEC42-E7B3-4861-8178-BAAC984D3786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE16C6F2-BB97-453F-AD80-FB841DBB3764",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D1BD85C-DF97-4F1C-8F9C-3590AE0A7E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F8379E6-B059-4AA3-AD99-D0F05CDB62E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E224FB88-039B-43CE-BE26-E1BC7611A4E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE7C9C9-EA81-4F24-8F00-A4EDCC56C123",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "70CD409C-D6EB-4B1B-AA24-3A4724C4C5AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "705A1021-26AB-4C2F-902C-EFE1DF378476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A2BC02-842E-4263-B45A-5DE39159ABFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75E8386-97FF-4BAA-B093-F53AEC61572D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE4C76DD-D022-4DA7-8193-DE4ADB393473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DDF6FE-CA59-449D-89CA-43755517CF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "407F6DF4-55C2-4ACF-8CC1-621A08451416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1E71AF-4B0B-4B93-8FC1-66C377854600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB2151E1-F2BC-4211-AC23-E8EA02459DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D08D030-935A-4637-A9E0-28A8B80C5F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB5FEAA-DE93-4924-AC01-9CD0AB2CF0C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "015902EF-F87C-423C-AFD4-B5EC4AB58037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B5E666-9D5D-4C22-B289-27C8C27D1EA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB812D74-B5BF-4DC2-8F2D-3E4D19FB955E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E15228-1F9D-4116-BCF2-8AB81791F776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "2678FE15-D74B-4719-94AD-4F4170755996",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F99F56A-03B9-41A0-B41B-85BF64807950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A68E53E-E11A-4E61-9154-AB53B46435FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA485425-CBBF-4421-9EF9-E15624741FFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "63785AB0-8297-4604-9E80-F81268FE3E3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "87BC2330-8532-410E-9175-400D7A197B1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:0.9.20a:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9BE5E1D-0576-4DE3-AA70-693B45C4408D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8768412-0081-4A58-A6BC-35EAE0949CE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "6D9D4CFA-D58F-4A87-95E3-BFB46AF932BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "70E05F24-2792-4C43-B692-85D3D70BDB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "A8D7FF44-1D82-4B05-9937-59A910F58736",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "CA135D9F-AE1E-4A73-878B-210B64DB6473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AC0E8CB-FF8F-4FA0-A004-777C7E5B696C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E96BBA4-C1D6-4AE5-A637-92E770B0CCC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0CBD141-BCE4-479B-AA95-8B9FBFAE6EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4669663-C2D1-4076-A4CD-F032A14B4F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "233A0A34-91F5-4CD9-96C3-75DD710E8606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "58BE8980-14BE-453D-9760-C50FA9859F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "96F6668F-9596-4CEB-8905-4FB5CC20587A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "78BF40B5-0721-4C91-A4F3-3BAEA5B2268B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "A6A44DD1-52EF-40BA-8303-28C7CE842410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta6:*:*:*:*:*:*",
              "matchCriteriaId": "3E1EE904-9EA4-445A-BCDB-4C624AA46233",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECD0FC53-3AF7-45A3-BF6C-A27199F4AAB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "28957D35-8DEE-4DA8-A565-95DF7AC4E294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B22EC4D0-341D-4964-BFBD-BAEE9400A7C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E521783A-C6E9-4B2D-A295-9722259C4B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CFC65F3-4B38-4B29-9B1C-325A36F1A6A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D321E720-6E00-4EB2-B253-4BDF766BCE3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDCFEFD-39A0-4966-8A24-8AE9F0A051FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A09402E8-C487-46D0-9B96-5458968D7A50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A93043D-C586-43D9-9B37-A413D8AFEE8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E50D7FA7-AD00-41A7-9952-DDDC6C7D6410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABA29603-1916-4211-B5F9-437A82000E79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C20AE9F9-E78E-42E6-8B85-0016AAAC51AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D5307D6-DB49-4913-A7E8-2BA117116B51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FEB5E1D-576A-4D16-85F6-344ADF9EB6DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C3510A-067B-4029-A859-7F15E366B5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCFC635-CDB0-48BD-AFB1-250F77A3CDF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "D349E517-F99B-41E5-B6FF-AAA0BAB361FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "3060AE4D-91CB-471E-961C-2C24EE0EE11E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "48834D46-3613-4C28-AE6E-8C83A665163D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "61F1478D-1963-4597-8D93-600DE54155EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:seasar:mayaa:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A60A6991-2388-4A8A-B410-C075056796CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mayaa antes de v1.1.23 permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante vectores no especificados que involucran la p\u00e1gina de error por defecto para la excepci\u00f3n org.seasar.mayaa.impl.engine.PageNotFoundException y posiblemente otras excepciones."
    }
  ],
  "id": "CVE-2008-5720",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-12-26T17:30:00.483",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/51007"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/33333"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33015"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN17298485/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-5720 (GCVE-0-2008-5720)

GSD-2008-5720

GHSA-M3P9-C7P3-XXMP

JVNDB-2008-000085

FKIE_CVE-2008-5720

Tags

Sightings

Nomenclature