VYPR
Unrated severityNVD Advisory· Published Feb 21, 2008· Updated Jun 16, 2026

CVE-2008-0867

CVE-2008-0867

Description

Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA AquaLogic Interaction 6.1 through MP1 and Plumtree Foundation 6.0 through SP1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.

Affected products

6
  • cpe:2.3:a:bea_systems:aqualogic_interaction:6.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:bea_systems:aqualogic_interaction:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:bea_systems:aqualogic_interaction:6.1:mp1:*:*:*:*:*:*
    • (no CPE)range: 6.1 - MP1
  • cpe:2.3:a:bea_systems:plumtree_foundation:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:bea_systems:plumtree_foundation:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:bea_systems:plumtree_foundation:6.0:sp1:*:*:*:*:*:*
  • Range: 6.0 - SP1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.