Unrated severityNVD Advisory· Published Jul 9, 2008· Updated Apr 23, 2026

CVE-2008-3082

Description

Cross-site scripting (XSS) vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.

Affected products

Commtouch/Enterprise Anti Spam Gateway2 versions
cpe:2.3:a:commtouch:enterprise_anti-spam_gateway:4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:commtouch:enterprise_anti-spam_gateway:4:*:*:*:*:*:*:*
- cpe:2.3:a:commtouch:enterprise_anti-spam_gateway:5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/30876nvdVendor Advisory
blog.commtouch.com/cafe/email-security-news/vulnerability-in-commtouch-gateway-not-anymore/nvd
lists.grok.org.uk/pipermail/full-disclosure/2008-June/062955.htmlnvd
www.securityfocus.com/bid/29957nvd
exchange.xforce.ibmcloud.com/vulnerabilities/43442nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000