Unrated severityNVD Advisory· Published Feb 27, 2008· Updated Jun 16, 2026
CVE-2008-1048
CVE-2008-1048
Description
Cross-site scripting (XSS) vulnerability in manager/xmedia.php in Plume CMS 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
Affected products
2Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.