Vulnonym.org

CVE-2008-2527 - Jagged Collectors

Description

Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier ActualAnalyzer Gold 7.74 and earlier ActualAnalyzer Pro 6.95 and earlier and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter.

Reference

http://www.majorsecurity.de/index_2.php?major_rls=major_rls52 http://www.securityfocus.com/bid/29177 http://secunia.com/advisories/30205 https://exchange.xforce.ibmcloud.com/vulnerabilities/42367 http://www.securityfocus.com/archive/1/491982/100/0/threaded