Lucene search
HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-2882
cve-2009-2882
xss
pg matchmaking
web script injection
html injection
nvd
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.022 Low
EPSS
Percentile
89.4%
Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) browse_ladies.php and (2) browse_men.php, the (3) gender parameter to search.php, and the (4) id parameter to services.php.
Affected configurations
Node
datingpromatchmaking
| CPE | Name | Operator | Version |
|---|---|---|---|
| datingpro:matchmaking | datingpro matchmaking | eq | * |
Related
cvelist
cvelist
CVE-2009-2882
2022-10-03 16:24:08
prion
prion
Cross site scripting
2009-08-20 17:30:00
nvd
nvd
CVE-2009-2882
2009-08-20 17:30:09
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.022 Low
EPSS
Percentile
89.4%
Related for CVE-2009-2882