CVE-2008-5024
CVSS v2.0
7.5 (High)
EPSS
1.48 % (87th)
Affected Products
5
Advisories
10
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.
Weaknesses
- CWE-91
- XML Injection (aka Blind XPath Injection)
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2008-11-13 11:30:01
(16 years ago) - Updated Date
-
2018-11-02 13:50:11
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...