Medium severity6.1NVD Advisory· Published Jul 31, 2008· Updated Jun 16, 2026
CVE-2008-3397
CVE-2008-3397
Description
Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote attackers to inject arbitrary web script or HTML via a cerberus_user cookie.
Affected products
2cpe:2.3:a:runesoft:cerberus_cms:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:runesoft:cerberus_cms:*:*:*:*:*:*:*:*range: <=3_1.3_0.9
- (no CPE)range: <3.1.4_0.9
Patches
Vulnerability mechanics
References
3- secunia.com/advisories/31218nvdVendor Advisory
- gl2logic.com/cerberus/cerberus.phpnvd
- www.securityfocus.com/bid/30416nvd
News mentions
0No linked articles in our index yet.