2 matches found
CVE-2009-3440
Cross-site scripting XSS vulnerability in Open Source Security Information Management OSSIM before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the option parameter to the default URI aka the main menu...
CVE-2009-3440
The CVE-2009-3440 entry describes a Cross-Site Scripting (XSS) vulnerability in Open Source Security Information Management (OSSIM) prior to version 2.1.2. The issue arises from insufficient input validation on the option parameter of the default URI (the main menu), allowing remote attackers to ...