CVE-2009-4852
Published May 7, 2010
Last updated 15 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66CAF72A-32FA-47E5-A2A1-CE1AC727BDD7",
"versionEndIncluding": "0.94"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.85:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27D7B7E8-9E61-495E-B90F-409CDD1C4F80"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.86:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92CAF7CB-2CF5-4171-9E7E-91CA3CA2F8B3"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.87:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36E2D117-0A6C-467F-9D07-BCD7470EF6AA"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.88:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "643680EC-9CB5-410E-9BCC-25994F15A45D"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.89:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88D121C0-CE48-471A-B530-975DEFEDE368"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4BC3B27D-41C2-451F-8F8F-B95E0FEB6F06"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.91:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58F6A24C-A578-4195-AA56-6B0B933A56B3"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.92:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F9FCDF2-8100-4015-A435-98745C4D41E4"
},
{
"criteria": "cpe:2.3:a:festic:semanticscuttle:0.93:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA842EF8-723B-481A-A65C-BC4193903C03"
}
],
"operator": "OR"
}
]
}
]