{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-12-25T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "mayaa-errorpage-xss(47623)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"}, {"name": "33333", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33333"}, {"name": "33015", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33015"}, {"name": "51007", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/51007"}, {"name": "JVNDB-2008-000085", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"}, {"name": "JVN#17298485", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN17298485/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5720", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "mayaa-errorpage-xss(47623)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"}, {"name": "33333", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33333"}, {"name": "33015", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33015"}, {"name": "51007", "refsource": "OSVDB", "url": "http://osvdb.org/51007"}, {"name": "JVNDB-2008-000085", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"}, {"name": "http://mayaa.seasar.org/news/vulnerability20081225.html", "refsource": "CONFIRM", "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"}, {"name": "JVN#17298485", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN17298485/index.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:04:44.475Z"}, "title": "CVE Program Container", "references": [{"name": "mayaa-errorpage-xss(47623)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"}, {"name": "33333", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33333"}, {"name": "33015", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33015"}, {"name": "51007", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/51007"}, {"name": "JVNDB-2008-000085", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"}, {"name": "JVN#17298485", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN17298485/index.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5720", "datePublished": "2008-12-26T17:08:00", "dateReserved": "2008-12-26T00:00:00", "dateUpdated": "2024-08-07T11:04:44.475Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:seasar:mayaa:*:*:*:*:*:*:*:*", "matchCriteriaId": "148D2F2D-C7DF-4476-B523-0663690E5F23", "versionEndIncluding": "1.1.22", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "35502985-0EE4-4EFE-A65E-12D45424C6BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.1.0f:*:*:*:*:*:*:*", "matchCriteriaId": "7DA3AEC8-6526-44E8-BE50-B1A0A24999BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "42B07EC1-5014-4844-9745-F5DD5BBA5235", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "460CEC42-E7B3-4861-8178-BAAC984D3786", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "FE16C6F2-BB97-453F-AD80-FB841DBB3764", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D1BD85C-DF97-4F1C-8F9C-3590AE0A7E62", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F8379E6-B059-4AA3-AD99-D0F05CDB62E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E224FB88-039B-43CE-BE26-E1BC7611A4E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DE7C9C9-EA81-4F24-8F00-A4EDCC56C123", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "70CD409C-D6EB-4B1B-AA24-3A4724C4C5AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "705A1021-26AB-4C2F-902C-EFE1DF378476", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "E5A2BC02-842E-4263-B45A-5DE39159ABFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "F75E8386-97FF-4BAA-B093-F53AEC61572D", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "FE4C76DD-D022-4DA7-8193-DE4ADB393473", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "A1DDF6FE-CA59-449D-89CA-43755517CF45", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "407F6DF4-55C2-4ACF-8CC1-621A08451416", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C1E71AF-4B0B-4B93-8FC1-66C377854600", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "FB2151E1-F2BC-4211-AC23-E8EA02459DD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "1D08D030-935A-4637-A9E0-28A8B80C5F7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "1AB5FEAA-DE93-4924-AC01-9CD0AB2CF0C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "015902EF-F87C-423C-AFD4-B5EC4AB58037", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "02B5E666-9D5D-4C22-B289-27C8C27D1EA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "DB812D74-B5BF-4DC2-8F2D-3E4D19FB955E", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "D2E15228-1F9D-4116-BCF2-8AB81791F776", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.15:*:*:*:*:*:*:*", "matchCriteriaId": "2678FE15-D74B-4719-94AD-4F4170755996", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.16:*:*:*:*:*:*:*", "matchCriteriaId": "6F99F56A-03B9-41A0-B41B-85BF64807950", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.17:*:*:*:*:*:*:*", "matchCriteriaId": "4A68E53E-E11A-4E61-9154-AB53B46435FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.18:*:*:*:*:*:*:*", "matchCriteriaId": "AA485425-CBBF-4421-9EF9-E15624741FFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.19:*:*:*:*:*:*:*", "matchCriteriaId": "63785AB0-8297-4604-9E80-F81268FE3E3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.20:*:*:*:*:*:*:*", "matchCriteriaId": "87BC2330-8532-410E-9175-400D7A197B1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:0.9.20a:*:*:*:*:*:*:*", "matchCriteriaId": "A9BE5E1D-0576-4DE3-AA70-693B45C4408D", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B8768412-0081-4A58-A6BC-35EAE0949CE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "6D9D4CFA-D58F-4A87-95E3-BFB46AF932BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "70E05F24-2792-4C43-B692-85D3D70BDB3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "A8D7FF44-1D82-4B05-9937-59A910F58736", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "CA135D9F-AE1E-4A73-878B-210B64DB6473", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3AC0E8CB-FF8F-4FA0-A004-777C7E5B696C", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9E96BBA4-C1D6-4AE5-A637-92E770B0CCC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D0CBD141-BCE4-479B-AA95-8B9FBFAE6EFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A4669663-C2D1-4076-A4CD-F032A14B4F5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "233A0A34-91F5-4CD9-96C3-75DD710E8606", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "58BE8980-14BE-453D-9760-C50FA9859F5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "96F6668F-9596-4CEB-8905-4FB5CC20587A", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "78BF40B5-0721-4C91-A4F3-3BAEA5B2268B", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "A6A44DD1-52EF-40BA-8303-28C7CE842410", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "3E1EE904-9EA4-445A-BCDB-4C624AA46233", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "ECD0FC53-3AF7-45A3-BF6C-A27199F4AAB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "28957D35-8DEE-4DA8-A565-95DF7AC4E294", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "B22EC4D0-341D-4964-BFBD-BAEE9400A7C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "E521783A-C6E9-4B2D-A295-9722259C4B9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "7CFC65F3-4B38-4B29-9B1C-325A36F1A6A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D321E720-6E00-4EB2-B253-4BDF766BCE3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "9BDCFEFD-39A0-4966-8A24-8AE9F0A051FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "A09402E8-C487-46D0-9B96-5458968D7A50", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "3A93043D-C586-43D9-9B37-A413D8AFEE8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "E50D7FA7-AD00-41A7-9952-DDDC6C7D6410", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "ABA29603-1916-4211-B5F9-437A82000E79", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "C20AE9F9-E78E-42E6-8B85-0016AAAC51AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "3D5307D6-DB49-4913-A7E8-2BA117116B51", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "8FEB5E1D-576A-4D16-85F6-344ADF9EB6DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "53C3510A-067B-4029-A859-7F15E366B5D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "EBCFC635-CDB0-48BD-AFB1-250F77A3CDF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "D349E517-F99B-41E5-B6FF-AAA0BAB361FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "3060AE4D-91CB-471E-961C-2C24EE0EE11E", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "48834D46-3613-4C28-AE6E-8C83A665163D", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "61F1478D-1963-4597-8D93-600DE54155EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:seasar:mayaa:1.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "A60A6991-2388-4A8A-B410-C075056796CF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mayaa antes de v1.1.23 permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante vectores no especificados que involucran la p\u00e1gina de error por defecto para la excepci\u00f3n org.seasar.mayaa.impl.engine.PageNotFoundException y posiblemente otras excepciones."}], "id": "CVE-2008-5720", "lastModified": "2017-08-08T01:33:29.343", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-12-26T17:30:00.483", "references": [{"source": "cve@mitre.org", "url": "http://jvn.jp/en/jp/JVN17298485/index.html"}, {"source": "cve@mitre.org", "url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000085.html"}, {"source": "cve@mitre.org", "url": "http://mayaa.seasar.org/news/vulnerability20081225.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/51007"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/33333"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/33015"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47623"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}