{"id": "CVE-2009-2565", "bulletinFamily": "NVD", "title": "CVE-2009-2565", "description": "Cross-site scripting (XSS) vulnerability in Perl CGI's By Mrs. Shiromuku shiromuku(fs6)DIARY 2.40 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "published": "2009-07-21T22:30:00", "modified": "2017-08-17T01:30:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2565", "reporter": "cve@mitre.org", "references": ["http://secunia.com/advisories/35806", "http://www.t-okada.com/cgi-bin/s_news/s_news.cgi?action=show_detail&txtnumber=log&mynum=345", "http://jvn.jp/en/jp/JVN31110006/index.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/51696", "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000048.html"], "cvelist": ["CVE-2009-2565"], "type": "cve", "lastseen": "2019-05-29T18:09:59", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "c5813305a3698b64936e81405e4b09df"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "fea733e32b9e0074460c4e66f238b8f0"}, {"key": "cpe23", "hash": "66f65267c95c5b445375f1dbebc5d55b"}, {"key": "cvelist", "hash": "85918ec7189fbb8715590e1deea0c31a"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "25131d66a9f3961140b068f4b41aa42b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "34e69e045b64924bccf865d56b6918a2"}, {"key": "description", "hash": "8a542cb537db12a62c6e97c5c788f723"}, {"key": "href", "hash": "da6f0803ddca5eb6ab9dce3c15939def"}, {"key": "modified", "hash": "aa7087b4e0941d576941150df34902f5"}, {"key": "published", "hash": "af84543acaae932e790a178ee0cf4a78"}, {"key": "references", "hash": "a50adcffebb16ba06c702b0d52c8d792"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "fbe4060b1c77599364b4a15799596b58"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "8ee6d6596ddab1c38adda0f54055623baddfcdc336b8cf56fb4b3eeaed49bba3", "viewCount": 0, "enchantments": {"score": {"value": 4.1, "vector": "NONE", "modified": "2019-05-29T18:09:59"}, "dependencies": {"references": [{"type": "jvn", "idList": ["JVN:31110006"]}], "modified": "2019-05-29T18:09:59"}, "vulnersScore": 4.1}, "objectVersion": "1.3", "cpe": ["cpe:/a:t-okada:shiromuku(fs6)diary:2.40", "cpe:/a:t-okada:shiromuku\\(fs6\\)diary:2.40"], "affectedSoftware": [{"name": "t-okada shiromuku(fs6)diary", "operator": "eq", "version": "2.40"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:t-okada:shiromuku\\(fs6\\)diary:2.40:*:*:*:*:*:*:*"], "cwe": ["CWE-79"]}

{"jvn": [{"lastseen": "2019-05-29T17:21:23", "bulletinFamily": "info", "description": "\n ## Description\n\nshiromuku(fs6)DIARY from Perl CGI's By Mrs. Shiromuku is a web log software. shiromuku(fs6)DIARY contains a cross-site scripting vulnerability. \n\n ## Impact\n\nAn arbitrary script may be executed on the user's web browser. \n\n ## Solution\n\n**Update the Software** \nUpdate to the latest version according to the information provided by the developer. \n\n ## Products Affected\n\n * shiromuku(fs6)DIARY version 2.40 and earlier\n", "modified": "2009-07-15T00:00:00", "published": "2009-07-14T00:00:00", "id": "JVN:31110006", "href": "http://jvn.jp/en/jp/JVN31110006/index.html", "title": "JVN#31110006 shiromuku(fs6)DIARY cross-site scripting vulnerability", "type": "jvn", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}