Lucene search
HistoryMar 17, 2009 - 10:30 p.m.
CVE-2009-0933
cve-2009-0933
cross-site scripting
xss vulnerability
dotclear
administrative interface
web script injection
html injection
nvd
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.2%
Cross-site scripting (XSS) vulnerability in the administrative interface in Dotclear before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
dotcleardotclearRange≤2.1.4
ORdotcleardotclearMatch1.2.1
ORdotcleardotclearMatch1.2.2
ORdotcleardotclearMatch1.2.3
ORdotcleardotclearMatch1.2.4
ORdotcleardotclearMatch1.2.5
ORdotcleardotclearMatch1.2.6
ORdotcleardotclearMatch1.2.7
ORdotcleardotclearMatch1.2.8
ORdotcleardotclearMatch2.0
ORdotcleardotclearMatch2.0beta_2
ORdotcleardotclearMatch2.0beta_3
ORdotcleardotclearMatch2.0beta_4
ORdotcleardotclearMatch2.0beta_5.2
ORdotcleardotclearMatch2.0beta_5.4
ORdotcleardotclearMatch2.0beta_6
ORdotcleardotclearMatch2.0beta_7
ORdotcleardotclearMatch2.0rc1
ORdotcleardotclearMatch2.0rc2
ORdotcleardotclearMatch2.0.1
ORdotcleardotclearMatch2.0.2
ORdotcleardotclearMatch2.1
ORdotcleardotclearMatch2.1.1
ORdotcleardotclearMatch2.1.3
Related
nvd
nvd
CVE-2009-0933
2009-03-17 22:30:00
cvelist
cvelist
CVE-2009-0933
2009-03-17 22:00:00
prion
prion
Cross site scripting
2009-03-17 22:30:00
5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.2%
Related for CVE-2009-0933