Unrated severityNVD Advisory· Published Feb 21, 2008· Updated Jun 16, 2026
CVE-2008-0867
CVE-2008-0867
Description
Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA AquaLogic Interaction 6.1 through MP1 and Plumtree Foundation 6.0 through SP1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
Affected products
6cpe:2.3:a:bea_systems:aqualogic_interaction:6.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:bea_systems:aqualogic_interaction:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea_systems:aqualogic_interaction:6.1:mp1:*:*:*:*:*:*
- (no CPE)range: 6.1 - MP1
cpe:2.3:a:bea_systems:plumtree_foundation:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:bea_systems:plumtree_foundation:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea_systems:plumtree_foundation:6.0:sp1:*:*:*:*:*:*
- Range: 6.0 - SP1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.