Cross site scripting

2009-03-1910:30:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Cross-site scripting (XSS) vulnerability in futomi’s CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CPENameOperatorVersion
access_analyzer_cgieq2.4 std
access_analyzer_cgieq3.1 std
access_analyzer_cgieq3.4 std
access_analyzer_cgieq1.2 std
access_analyzer_cgieq1.1 std
access_analyzer_cgile3.8.1
access_analyzer_cgieq3.8 std
access_analyzer_cgieq2.3 std
access_analyzer_cgieq3.5 std
access_analyzer_cgieq2.0 std

Name	Operator	Version
access_analyzer_cgi	eq	2.4 std
access_analyzer_cgi	eq	3.1 std
access_analyzer_cgi	eq	3.4 std
access_analyzer_cgi	eq	1.2 std
access_analyzer_cgi	eq	1.1 std
access_analyzer_cgi	le	3.8.1
access_analyzer_cgi	eq	3.8 std
access_analyzer_cgi	eq	2.3 std
access_analyzer_cgi	eq	3.5 std
access_analyzer_cgi	eq	2.0 std

Rows per page:

1-10 of 191

References

jvn.jp/en/jp/JVN23558374/index.html

jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000015.html

osvdb.org/52802

secunia.com/advisories/34271

www.futomi.com/library/info/2009/20090316.html

www.securityfocus.com/bid/34123

www.vupen.com/english/advisories/2009/0737

exchange.xforce.ibmcloud.com/vulnerabilities/49264