{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-21T21:03:47.696","vulnerabilities":[{"cve":{"id":"CVE-2008-6400","sourceIdentifier":"cve@mitre.org","published":"2009-03-05T20:30:00.563","lastModified":"2026-06-16T23:02:09.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to (1) show.php and (2) search.php.  NOTE: some of these details are obtained from third party information."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en refbase versiones anteriores a v0.9.5 permite a atacantes remotos inyectar web script o HTML a través del parámetro \"headerMsg\" de (1) show.php y (2) search.php.\r\nNOTA: algunos de estos detalles han sido obtenidos a partir de la información de terceros."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:refbase:refbase:*:*:*:*:*:*:*:*","versionEndIncluding":"0.9.0","matchCriteriaId":"9D7A0B79-57C0-4644-933D-0740C6454F0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:refbase:refbase:0.6:*:*:*:*:*:*:*","matchCriteriaId":"14F4E236-C640-41F1-BF57-63E39F875E81"},{"vulnerable":true,"criteria":"cpe:2.3:a:refbase:refbase:0.6.1:b1:*:*:*:*:*:*","matchCriteriaId":"58F0B9FF-D94F-4A3B-85C2-775609462A21"},{"vulnerable":true,"criteria":"cpe:2.3:a:refbase:refbase:0.7:*:*:*:*:*:*:*","matchCriteriaId":"248F487A-6BE7-40A5-B5C4-692E6D62D682"},{"vulnerable":true,"criteria":"cpe:2.3:a:refbase:refbase:0.8.0:*:*:*:*:*:*:*","matchCriteriaId":"22C8747F-798E-456E-96A8-26A004423DBD"}]}]}],"references":[{"url":"http://secunia.com/advisories/32815","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://sourceforge.net/project/shownotes.php?release_id=641612","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/32372","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46735","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/32815","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://sourceforge.net/project/shownotes.php?release_id=641612","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/32372","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46735","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}