VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 14, 2008· Updated Apr 23, 2026

CVE-2008-5093

CVE-2008-5093

Description

Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Cross-site scripting vulnerability in Novell eDirectory HTTP Protocol Stack before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML.

Vulnerability

The cross-site scripting (XSS) vulnerability resides in the HTTP Protocol Stack (HTTPSTK) component of Novell eDirectory prior to version 8.8 SP3. The specific vector is not disclosed in the available references, but it allows injection of malicious scripts or HTML.

Exploitation

No detailed exploitation steps are provided in the references. The attack is performed remotely by sending crafted HTTP requests to the eDirectory server. No authentication is required for exploitation.

Impact

Successful exploitation enables an attacker to execute arbitrary web script or HTML in the context of the affected application. This could lead to information disclosure, session hijacking, or other malicious activities within the eDirectory management interface.

Mitigation

The vulnerability is fixed in Novell eDirectory 8.8 SP3 [1]. Administrators should upgrade to 8.8 SP3 or later. If upgrading is not possible, consider limiting network access to the eDirectory server. Note that eDirectory is now end-of-life; moving to a supported product is recommended.

References
  1. History of Issues Resolved in eDirectory 8.8.x

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

43
  • Novell/Edirectory43 versions
    cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*+ 42 more
    • cpe:2.3:a:novell:edirectory:*:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.8_presp9:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.9:*:linux:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.9:*:solaris:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2000:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3.9:*:windows_2003:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp1:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp2:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp3:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp4:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp5:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp6:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp7:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp8:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.7.3:sp9:windows:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.1:*:linux:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.1:*:solaris:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2000:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.1:*:windows_2003:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.2:*:linux:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.2:*:solaris:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2000:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8.2:*:windows_2003:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8:*:linux:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8:*:solaris:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8:*:windows_2000:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:8.8:*:windows_2003:*:*:*:*:*
    • cpe:2.3:a:novell:edirectory:*:sp2:windows:*:*:*:*:*range: <=8.8
    • (no CPE)range: < 8.8 SP3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.