VYPR
Unrated severityNVD Advisory· Published Mar 17, 2008· Updated Jun 16, 2026

CVE-2008-1342

CVE-2008-1342

Description

Multiple cross-site scripting (XSS) vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the (1) _q and (2) lucene_index_field_value parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected products

4
  • cpe:2.3:a:polymita_technologies:bpm_suite:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:polymita_technologies:bpm_suite:*:*:*:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:a:polymita_technologies:collageportal:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:polymita_technologies:collageportal:*:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.