MidnightBSD

Advisories for puresw

CVE-2008-3353 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
puresw lore 1.4.3
puresw lore 1.0.7
puresw lore 1.5.7
puresw lore 1.0.3
puresw lore 1.4.2
puresw lore 1.0.4
puresw lore 1.1.2
puresw lore 1.0.8
puresw lore 1.5.9
puresw lore 1.5.2
puresw lore 1.5.3
puresw lore 1.5.0
puresw lore 1.6.0
puresw lore 1.1.1
puresw lore 1.6.1
puresw lore 1.0.2
puresw lore 1.4.0
puresw lore 1.5.5
puresw lore 1.5.8
puresw lore 1.3.0
puresw lore 1.1.0
puresw lore 1.5.1
puresw lore *
puresw lore 1.5.6
puresw lore 1.0.9
puresw lore 1.5.4
puresw lore 1.6.2
puresw lore 1.4.1
puresw lore 1.0.5
puresw lore 1.0.6
puresw lore 1.2.1
puresw lore 1.2.0