Lucene search

K
cve[email protected]CVE-2009-1877
HistoryAug 18, 2009 - 10:30 p.m.

CVE-2009-1877

2009-08-1822:30:00
CWE-79
web.nvd.nist.gov
21
cve-2009-1877
cross-site scripting
xss
adobe coldfusion
vulnerability
remote attackers
web script
html

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.192 Low

EPSS

Percentile

96.3%

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875.

Affected configurations

NVD
Node
adobecoldfusionRange8.0.1
OR
adobecoldfusionMatch6.0
OR
adobecoldfusionMatch6.0enterprise_multi-server
OR
adobecoldfusionMatch6.0enterprise_server
OR
adobecoldfusionMatch6.0linux
OR
adobecoldfusionMatch6.0solaris
OR
adobecoldfusionMatch6.1
OR
adobecoldfusionMatch6.1enterprise_multi-server
OR
adobecoldfusionMatch6.1enterprise_server
OR
adobecoldfusionMatch6.1linux
OR
adobecoldfusionMatch6.1solaris
OR
adobecoldfusionMatch7.0
OR
adobecoldfusionMatch7.0enterprise_multi-server
OR
adobecoldfusionMatch7.0enterprise_server
OR
adobecoldfusionMatch7.0linux
OR
adobecoldfusionMatch7.0solaris
OR
adobecoldfusionMatch7.0.1
OR
adobecoldfusionMatch7.0.2
OR
adobecoldfusionMatch7.2unknownmx
OR
adobecoldfusionMatch8.0
OR
adobecoldfusionMatch8.1

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.192 Low

EPSS

Percentile

96.3%