CVE-2008-2188 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php and the (3) bookName (4) bookMetaTags and (5) estiloCSS parameters to (b) header.php.

Reference

http://securityreason.com/securityalert/3873 http://www.securityfocus.com/archive/1/491549/100/0/threaded http://www.securityfocus.com/bid/29015 https://exchange.xforce.ibmcloud.com/vulnerabilities/42147