Lucene search
HistoryJun 23, 2009 - 4:30 p.m.
CVE-2009-2170
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.1%
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
Affected configurations
Node
maharamaharaMatch1.0.0
ORmaharamaharaMatch1.0.1
ORmaharamaharaMatch1.0.2
ORmaharamaharaMatch1.0.3
ORmaharamaharaMatch1.0.4
ORmaharamaharaMatch1.0.5
ORmaharamaharaMatch1.0.6
ORmaharamaharaMatch1.0.7
ORmaharamaharaMatch1.0.8
ORmaharamaharaMatch1.0.9
ORmaharamaharaMatch1.0.10
ORmaharamaharaMatch1.0.11
ORmaharamaharaMatch1.1
ORmaharamaharaMatch1.1.0
ORmaharamaharaMatch1.1.0alpha1
ORmaharamaharaMatch1.1.0alpha2
ORmaharamaharaMatch1.1.0alpha3
ORmaharamaharaMatch1.1.0beta1
ORmaharamaharaMatch1.1.0beta2
ORmaharamaharaMatch1.1.0beta3
ORmaharamaharaMatch1.1.0beta4
ORmaharamaharaMatch1.1.0rc1
ORmaharamaharaMatch1.1.0rc2
ORmaharamaharaMatch1.1.1
ORmaharamaharaMatch1.1.2
ORmaharamaharaMatch1.1.3
ORmaharamaharaMatch1.1.4
Related
openvas
openvas
Debian: Security Advisory (DSA-1822-1)
2009-06-29 00:00:00
Mahara Cross-Site Scripting Vulnerability
2009-06-26 00:00:00
Debian Security Advisory DSA 1822-1 (mahara)
2009-06-30 00:00:00
prion
prion
Cross site scripting
2009-06-23 16:30:00
ubuntucve
ubuntucve
CVE-2009-2170
2009-06-23 00:00:00
cvelist
cvelist
CVE-2009-2170
2022-10-03 16:24:08
cve
cve
CVE-2009-2170
2022-10-03 16:24:08
nessus
nessus
Debian DSA-1822-1 : mahara - insufficient input sanitization
2009-06-24 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.1%
Related for NVD:CVE-2009-2170