CVE-2008-7220
EPSS 10.0%
Description
Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make "cross-site ajax requests" via unknown vectors.
How to fix CVE-2008-7220
To remediate CVE-2008-7220, upgrade the affected package to a fixed version below.
- Debian/asterisk—upgrade to 1:1.6.2.0~rc3-1 or later
- Debian/exaile—upgrade to 0.2.14+debian-2.2 or later
- Debian/jscropperui—upgrade to 1.2.1-1 or later
- Debian/libaws—upgrade to 2.7-1 or later
- —upgrade to 1.48-3 or later
- —upgrade to 2.3.4-6 or later
- —upgrade to 1.6.0.2-1 or later
- —upgrade to 1.8.3-1 or later
- —upgrade to 1.0.21-1.1 or later
- —upgrade to 2.5.0-2 or later
Is CVE-2008-7220 being exploited?
Moderate — EPSS is 10.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (10)
- from 0, < 1:1.6.2.0~rc3-1
- from 0, < 0.2.14+debian-2.2
- from 0, < 1.2.1-1
- from 0, < 2.7-1
- from 0, < 1.48-3
- from 0, < 2.3.4-6
- from 0, < 1.6.0.2-1
- from 0, < 1.8.3-1
- from 0, < 1.0.21-1.1
- from 0, < 2.5.0-2