Security Advisory

CVE-2008-0438

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-01-23 21:00:00

Last updated 2024-08-07 07:46:55

Assigner mitre

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the font rendering functionality in Novemberborn sIFR 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the txt parameter to a Flash (SWF) file, as demonstrated by fonts/FuturaLt.swf.

← Browse all CVEs View on cve.org ↗