CVE-2008-3353 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature.

Reference

http://puresw.com/kb/idx.php/8/025/article/Changelog.html http://secunia.com/advisories/31217 http://www.securityfocus.com/bid/30367 https://exchange.xforce.ibmcloud.com/vulnerabilities/43985