ByteOS Network

samtodo

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2008-2563

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-0.33% / 55.23%

7 Day CHG~0.00%

Published-06 Jun, 2008 | 18:00

Updated-07 Aug, 2024 | 09:05

Multiple cross-site scripting (XSS) vulnerabilities in (1) dsp_main.php and (2) dsp_task_editor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the (a) tid parameter in a main.taskeditor edit action, and the (b) completed parameter in a main.default action, to index.php.

Vendor-samtodo n/a

Product-samtodo n/a

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')