CVE-2008-3678 | SynScan

Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2008-3678

Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway before 1.4.2.197 allows remote attackers to inject arbitrary web script or HTML via the URL.

Published: Aug 14, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3678
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
damian_hickey / freeway	1.1.1.80	1.1.1.80.x
damian_hickey / freeway	1.3.2.154	1.3.2.154.x
damian_hickey / freeway	1.3	1.3.x
damian_hickey / freeway	1.4.1.170	1.4.1.170.x
damian_hickey / freeway	1.0.60	1.0.60.x
damian_hickey / freeway	1.4.1.171	1.4.1.171.x
damian_hickey / freeway	1.1.0.76	1.1.0.76.x
damian_hickey / freeway	1.2.0.113	1.2.0.113.x
damian_hickey / freeway	1.3.1.147	1.3.1.147.x