CVE-2008-4520

N/A Unknown

Published: October 09, 2008 Modified: April 23, 2026

Description

Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://autonessus.cvs.sourceforge.net/viewvc/autonessus/AutoNessus/www/bulk_update.pl?r1=1.2&r2=1.3

Source: cve@mitre.org

http://secunia.com/advisories/32046

Source: cve@mitre.org

Vendor Advisory

http://sourceforge.net/project/shownotes.php?group_id=216367&release_id=630124

Source: cve@mitre.org

Patch

http://sourceforge.net/tracker/index.php?func=detail&aid=2141884&group_id=216367&atid=1037394

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/31559

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/45634

Source: cve@mitre.org

http://autonessus.cvs.sourceforge.net/viewvc/autonessus/AutoNessus/www/bulk_update.pl?r1=1.2&r2=1.3