CVE-2008-0717

medium

Description

Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response.

References

http://www.vupen.com/english/advisories/2008/0446

http://www.securitytracker.com/id?1019315

http://www.securityfocus.com/bid/27665

http://www-1.ibm.com/support/docview.wss?uid=swg21294776

http://secunia.com/advisories/28785

Details

Source: Mitre, NVD

Published: 2008-02-12

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00265