{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-01-25T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2019-11-12T13:06:38.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"FEDORA-2009-11126","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"},{"name":"37479","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37479"},{"name":"46312","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/46312"},{"name":"37677","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37677"},{"name":"DSA-1952","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2009/dsa-1952"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=523277"},{"tags":["x_refsource_CONFIRM"],"url":"http://github.com/sstephenson/prototype/blob/master/CHANGELOG"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533137"},{"name":"FEDORA-2009-11070","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"},{"name":"[oss-security] 20091107 Re: CVE Request - Asterisk (AST-2009-008.html)","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2009/11/07/2"},{"name":"20190509 dotCMS v5.1.1 Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"https://seclists.org/bugtraq/2019/May/18"},{"tags":["x_refsource_MISC"],"url":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"},{"name":"20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/May/11"},{"name":"20190510 dotCMS v5.1.1 Vulnerabilities","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/May/10"},{"name":"20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/May/13"},{"name":"[zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt opened a new pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87%40%3Cnotifications.zookeeper.apache.org%3E"},{"name":"[zookeeper-dev] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/7ba863c5a4a0f1230cba2d11cf4de3a2eda3a42e8023d4990f564327%40%3Cdev.zookeeper.apache.org%3E"},{"name":"[zookeeper-issues] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/6d1b9a75a004dab42c81e8aa149d90e6fd26ce8cd6d71295e565e366%40%3Cissues.zookeeper.apache.org%3E"},{"name":"[zookeeper-issues] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/2ad48cd9d47edd0e677082eb869115809473a117e1e30b52fb511590%40%3Cissues.zookeeper.apache.org%3E"},{"name":"[zookeeper-dev] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/769fcc5f331b61c4d7ce16b807678e9a1799628d0146322e14aa24ed%40%3Cdev.zookeeper.apache.org%3E"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2008-7220","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make \"cross-site ajax requests\" via unknown vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"FEDORA-2009-11126","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"},{"name":"37479","refsource":"SECUNIA","url":"http://secunia.com/advisories/37479"},{"name":"46312","refsource":"OSVDB","url":"http://osvdb.org/46312"},{"name":"37677","refsource":"SECUNIA","url":"http://secunia.com/advisories/37677"},{"name":"DSA-1952","refsource":"DEBIAN","url":"http://www.debian.org/security/2009/dsa-1952"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=523277","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=523277"},{"name":"http://github.com/sstephenson/prototype/blob/master/CHANGELOG","refsource":"CONFIRM","url":"http://github.com/sstephenson/prototype/blob/master/CHANGELOG"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=533137","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=533137"},{"name":"FEDORA-2009-11070","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"},{"name":"[oss-security] 20091107 Re: CVE Request - Asterisk (AST-2009-008.html)","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2009/11/07/2"},{"name":"20190509 dotCMS v5.1.1 Vulnerabilities","refsource":"BUGTRAQ","url":"https://seclists.org/bugtraq/2019/May/18"},{"name":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html","refsource":"MISC","url":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"},{"name":"20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/May/11"},{"name":"20190510 dotCMS v5.1.1 Vulnerabilities","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/May/10"},{"name":"20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/May/13"},{"name":"[zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt opened a new pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814","refsource":"MLIST","url":"https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87@%3Cnotifications.zookeeper.apache.org%3E"},{"name":"[zookeeper-dev] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","refsource":"MLIST","url":"https://lists.apache.org/thread.html/7ba863c5a4a0f1230cba2d11cf4de3a2eda3a42e8023d4990f564327@%3Cdev.zookeeper.apache.org%3E"},{"name":"[zookeeper-issues] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","refsource":"MLIST","url":"https://lists.apache.org/thread.html/6d1b9a75a004dab42c81e8aa149d90e6fd26ce8cd6d71295e565e366@%3Cissues.zookeeper.apache.org%3E"},{"name":"[zookeeper-issues] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","refsource":"MLIST","url":"https://lists.apache.org/thread.html/2ad48cd9d47edd0e677082eb869115809473a117e1e30b52fb511590@%3Cissues.zookeeper.apache.org%3E"},{"name":"[zookeeper-dev] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","refsource":"MLIST","url":"https://lists.apache.org/thread.html/769fcc5f331b61c4d7ce16b807678e9a1799628d0146322e14aa24ed@%3Cdev.zookeeper.apache.org%3E"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T11:56:14.530Z"},"title":"CVE Program Container","references":[{"name":"FEDORA-2009-11126","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"},{"name":"37479","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37479"},{"name":"46312","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/46312"},{"name":"37677","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37677"},{"name":"DSA-1952","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2009/dsa-1952"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=523277"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://github.com/sstephenson/prototype/blob/master/CHANGELOG"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533137"},{"name":"FEDORA-2009-11070","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"},{"name":"[oss-security] 20091107 Re: CVE Request - Asterisk (AST-2009-008.html)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2009/11/07/2"},{"name":"20190509 dotCMS v5.1.1 Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"https://seclists.org/bugtraq/2019/May/18"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html"},{"name":"20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/May/11"},{"name":"20190510 dotCMS v5.1.1 Vulnerabilities","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/May/10"},{"name":"20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/May/13"},{"name":"[zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt opened a new pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87%40%3Cnotifications.zookeeper.apache.org%3E"},{"name":"[zookeeper-dev] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/7ba863c5a4a0f1230cba2d11cf4de3a2eda3a42e8023d4990f564327%40%3Cdev.zookeeper.apache.org%3E"},{"name":"[zookeeper-issues] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/6d1b9a75a004dab42c81e8aa149d90e6fd26ce8cd6d71295e565e366%40%3Cissues.zookeeper.apache.org%3E"},{"name":"[zookeeper-issues] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/2ad48cd9d47edd0e677082eb869115809473a117e1e30b52fb511590%40%3Cissues.zookeeper.apache.org%3E"},{"name":"[zookeeper-dev] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/769fcc5f331b61c4d7ce16b807678e9a1799628d0146322e14aa24ed%40%3Cdev.zookeeper.apache.org%3E"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2008-7220","datePublished":"2009-09-13T22:00:00.000Z","dateReserved":"2009-09-13T00:00:00.000Z","dateUpdated":"2024-08-07T11:56:14.530Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}