CVE-2009-2814

2009-09-1416:00:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.2%

JSON

Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding.

References

lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

osvdb.org/57956

secunia.com/advisories/36701

support.apple.com/kb/HT3865

www.securityfocus.com/bid/36364

exchange.xforce.ibmcloud.com/vulnerabilities/53175