Detections
Analytics

CVE-2008-4485

medium

Description

Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45625

http://www.vupen.com/english/advisories/2008/2739

http://www.securitytracker.com/id?1020979

http://www.securityfocus.com/bid/31543

http://www.bluecoat.com/support/securityadvisories/icap_patience

http://securityreason.com/securityalert/4367

http://secunia.com/advisories/32122

http://marc.info/?l=bugtraq&m=122298544725313&w=2

http://marc.info/?l=bugtraq&m=122210321731789&w=2

Details

Source: Mitre, NVD

Published: 2008-10-08

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium