CVE-2009-1908

2022-10-0316:23:58

mitre

www.cve.org

skip 1.0.2

cross-site scripting

remote attackers

html injection

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.5%

JSON

Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

dev.openskip.org/redmine/issues/show/677

jvn.jp/en/jp/JVN43233160/index.html

jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000025.html

portal.openskip.org/top/releasenote-ver1-0-0

secunia.com/advisories/35041

www.securityfocus.com/bid/34898