CVE-2009-3198

2022-10-0316:23:56

mitre

www.cve.org

cross-site scripting

jce-tech

datafeed parser

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.

References

packetstormsecurity.org/0908-exploits/ams-xss.txt

secunia.com/advisories/36491

www.vupen.com/english/advisories/2009/2445