Lucene search
HistoryFeb 11, 2009 - 12:30 a.m.
CVE-2009-0455
cve-2009-0455
cross-site scripting
xss
lib-comment.php
glfusion
nvd
6.3 Medium
AI Score
Confidence
High
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.5%
Cross-site scripting (XSS) vulnerability in the anonymous comments feature in lib-comment.php in glFusion 1.1.0, 1.1.1, and earlier versions allows remote attackers to inject arbitrary web script or HTML via the username parameter to comment.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| glfusion:glfusion | glfusion | le | 1.1.1 |
| glfusion:glfusion | glfusion | eq | 1.1.0 |
Related
prion
prion
Cross site scripting
2009-02-11 00:30:00
cvelist
cvelist
CVE-2009-0455
2009-02-11 00:00:00
6.3 Medium
AI Score
Confidence
High
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.5%
Related for CVE-2009-0455