Unrated severityNVD Advisory· Published Oct 9, 2008· Updated Jun 16, 2026
CVE-2008-4520
CVE-2008-4520
Description
Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:autonessus:autonessus:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:autonessus:autonessus:*:*:*:*:*:*:*:*range: <=1.2.1
- cpe:2.3:a:autonessus:autonessus:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:autonessus:autonessus:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:autonessus:autonessus:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:autonessus:autonessus:1.2:*:*:*:*:*:*:*
- (no CPE)range: <1.2.2
Patches
Vulnerability mechanics
References
6- sourceforge.net/project/shownotes.phpnvdPatch
- www.securityfocus.com/bid/31559nvdPatch
- secunia.com/advisories/32046nvdVendor Advisory
- sourceforge.net/tracker/index.phpnvdVendor Advisory
- autonessus.cvs.sourceforge.net/viewvc/autonessus/AutoNessus/www/bulk_update.plnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45634nvd
News mentions
0No linked articles in our index yet.