CVE-2008-6041

Name of the Vulnerable Software and Affected Versions Dataspade version 1.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in Index.asp. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the ViewName, TableName, OrderBy, and FilterField parameters.

Recommendations For Dataspade version 1.0, consider restricting access to the Index.asp page until a fix is available, and avoid using the ViewName, TableName, OrderBy, and FilterField parameters in the meantime. At the moment, there is no information about a newer version that contains a fix for this vulnerability.