Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-4422HistoryDec 24, 2009 - 5:30 p.m.
CVE-2009-4422
2009-12-2417:30:00
Debian Security Bug Tracker
security-tracker.debian.org
10
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.1%
Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | libphp-jpgraph | < 1.5.2-13.1 | libphp-jpgraph_1.5.2-13.1_all.deb |
| Debian | 10 | all | libphp-jpgraph | < 1.5.2-13 | libphp-jpgraph_1.5.2-13_all.deb |
Related
openvas
openvas
JpGraph Multiple Cross-Site Scripting Vulnerabilities
2010-01-13 00:00:00
JpGraph <= 3.0.6 Multiple XSS Vulnerabilities
2010-01-13 00:00:00
Mandriva Security Advisory MDVSA-2009:340 (jpgraph)
2009-12-30 00:00:00
prion
prion
Cross site scripting
2009-12-24 17:30:00
ubuntucve
ubuntucve
CVE-2009-4422
2009-12-24 00:00:00
cve
cve
CVE-2009-4422
2009-12-24 17:30:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2009-12-29 00:00:00
[ MDVSA-2009:340 ] jpgraph
2009-12-29 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.1%
Related for DEBIANCVE:CVE-2009-4422