VYPR
Unrated severityNVD Advisory· Published Aug 29, 2008· Updated Jun 16, 2026

CVE-2008-2929

CVE-2008-2929

Description

Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:fedora:directory_server:*:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:directory_server:7.1:sp1:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:redhat:directory_server:7.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:7.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:7.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:7.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:7.1:sp5:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:7.1:sp6:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:8.0:el4:*:*:*:*:*:*
    • cpe:2.3:a:redhat:directory_server:8.0:el5:*:*:*:*:*:*
    • (no CPE)range: <7.1 SP7, EL4, EL5

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.