Lucene search
Japan Vulnerability NotesJVN:57036470HistoryMay 22, 2009 - 12:00 a.m.
JVN#57036470 Cross-site scripting vulnerability in leger (free edition)
2009-05-2200:00:00
Japan Vulnerability Notes
jvn.jp
19
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.5%
leger (free edition) from ‘AD2000’ is a software to manage conference room reservations. leger (free edition) contains a cross-site scripting vulnerability.
Impact
An arbitrary script may be executed on the user’s web browser.
Solution
Update the Software
Update to the latest version according to the information provided by the vendor.
Products Affected
- leger (free edition) May 22, 2009 edition (Ver.1.6.4) and earlier
Related
cvelist
cvelist
CVE-2009-2240
2009-06-27 18:00:00
prion
prion
Cross site scripting
2009-06-27 18:48:00
cve
cve
CVE-2009-2240
2009-06-27 18:48:02
nvd
nvd
CVE-2009-2240
2009-06-27 18:48:02
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.5%
Related for JVN:57036470