Low severityNVD Advisory· Published Mar 12, 2008· Updated Jun 16, 2026
CVE-2008-1300
CVE-2008-1300
Description
Cross-site scripting (XSS) vulnerability in the Logfile Viewer Settings function in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the filePath.0 parameter in a save action, a different vector than CVE-2008-1045.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.opencms:opencms-coreMaven | >= 7.0.3, < 7.0.5 | 7.0.5 |
Affected products
3Patches
Vulnerability mechanics
References
8- www.securityfocus.com/bid/28152nvdExploit
- secunia.com/advisories/29278nvdVendor Advisory
- github.com/advisories/GHSA-w3v2-vfrj-j9g8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2008-1300ghsaADVISORY
- securityreason.com/securityalert/3731nvdWEB
- github.com/alkacon/opencms-core/commit/7b73b5559c1b025dfe0f7b38ed4119c25b9df409ghsaWEB
- www.securityfocus.com/archive/1/489291/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41095nvd
News mentions
0No linked articles in our index yet.