CVE-2009-4478
CVE-2009-4478 affects Xstate Real Estate 1.0 with multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via PATH_INFO to (1) home.html or (2) lands.html. The vulnerability stems from improper PATH_INFO handling. Impact is web-based XSS; no specific exploi...