{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T20:45:44.478074400Z","vulnerabilities":[{"cve":{"id":"CVE-2008-2398","sourceIdentifier":"cve@mitre.org","published":"2008-05-21T13:24:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados en index.php de AppServ Open Project 2.5.10 y versiones anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro appservlang"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:*:*:*:*:*:*:*:*","versionEndIncluding":"2.5.10","matchCriteriaId":"357DA904-542F-4E21-9633-DE813B6DF82B"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4FAA36DC-B99C-40C5-B614-C451B7FBBFAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"5E3074DE-9611-4A65-B7CE-9131AB8E72CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"EE07EC69-518C-4B89-A1FD-465A0A587B0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"F66A15D2-6689-47EC-97B4-00D95F78E5F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.5.0:*:*:*:*:*:*:*","matchCriteriaId":"24A8198E-5466-49E9-9177-98D827A7C0FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.6.0:*:*:*:*:*:*:*","matchCriteriaId":"146CCDCF-E814-40B3-A9D0-AB02B117E9DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.7.0:*:*:*:*:*:*:*","matchCriteriaId":"7F4C7348-03B4-4C3C-AB0C-A07582995A36"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.8.0:*:*:*:*:*:*:*","matchCriteriaId":"03439C26-6D02-498A-BA69-77501770D014"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:1.9.0:*:*:*:*:*:*:*","matchCriteriaId":"0D9141BA-1404-4985-A75B-3BDA082FB08E"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B8E93EC1-5308-469F-9443-1B26E1309FC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"2DC735E4-E61A-40D5-8A9B-290A61CDC516"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.2.0:*:*:*:*:*:*:*","matchCriteriaId":"59FEEF6C-6348-46BD-A804-66122524A0AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.3.0:*:*:*:*:*:*:*","matchCriteriaId":"6E2374B0-CAD6-4545-BB09-F6AC5781B6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4:*:*:*:*:*:*:*","matchCriteriaId":"6E57680A-6CEB-4E72-97F0-A80A6551CF85"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.1:*:*:*:*:*:*:*","matchCriteriaId":"816B562D-31CB-40DE-B221-EC391E39DDAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.2:*:*:*:*:*:*:*","matchCriteriaId":"770FE42B-6F4D-4633-8306-14FFD590FD5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.3:*:*:*:*:*:*:*","matchCriteriaId":"0D150045-AF98-4494-826D-97056E8A11D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.4:*:*:*:*:*:*:*","matchCriteriaId":"DE9B317E-5439-45DB-8E10-258703823C0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.4a:*:*:*:*:*:*:*","matchCriteriaId":"42661CC5-F4DB-42CC-B5F3-6EFDF0B207F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.5:*:*:*:*:*:*:*","matchCriteriaId":"FE92F7BE-72CC-4F7D-8B96-52C088F5C54B"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.6:*:*:*:*:*:*:*","matchCriteriaId":"3704D7CB-D8AB-4A6B-B7FD-4AB816B97C59"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.7:*:*:*:*:*:*:*","matchCriteriaId":"DE3F10B6-1C1A-4BDE-9E28-2FCB69E23D78"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.8:*:*:*:*:*:*:*","matchCriteriaId":"616DC2B0-B5C6-4180-B885-91CD407E663D"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.4.9:*:*:*:*:*:*:*","matchCriteriaId":"4B3A07D6-3407-4805-9FAE-CD450674C35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5:*:*:*:*:*:*:*","matchCriteriaId":"BA7AE5BB-05DA-4E2D-AD41-749990292F0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.1:*:*:*:*:*:*:*","matchCriteriaId":"3A7907A6-B27B-4E0E-BA3F-9EC28B00BEF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.2:*:*:*:*:*:*:*","matchCriteriaId":"E5252E8E-DACA-4A87-B374-461035E0B6CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.3:*:*:*:*:*:*:*","matchCriteriaId":"4E8CD53E-5AE3-43A4-8F38-ED907DF3FB76"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.4:*:*:*:*:*:*:*","matchCriteriaId":"3BED7E21-B7CF-4DB3-B3A9-ABE14E9DBCD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.4a:*:*:*:*:*:*:*","matchCriteriaId":"E8E9E73C-D1E5-4326-B93D-10E8A5BC16EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.5:*:*:*:*:*:*:*","matchCriteriaId":"AF76C69E-0CC8-4864-90D3-7A3932BB1D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.6:*:*:*:*:*:*:*","matchCriteriaId":"EAA2608C-148D-4FF6-879A-D706FEE85D08"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.7:*:*:*:*:*:*:*","matchCriteriaId":"68DD67F8-A7DF-4D01-9EE1-9C8F253DCFB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.8:*:*:*:*:*:*:*","matchCriteriaId":"1CD47131-2333-4735-ABA7-628D53D8E3B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:appserv_open_project:appserv:2.5.9:*:*:*:*:*:*:*","matchCriteriaId":"B53F0EB6-DB19-454A-9AB7-D920E8971FEC"}]}]}],"references":[{"url":"http://secunia.com/advisories/30333","source":"cve@mitre.org"},{"url":"http://securityreason.com/securityalert/3896","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/492271/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/29291","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42546","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/30333","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securityreason.com/securityalert/3896","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/492271/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/29291","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42546","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}