Podatność CVE-2009-4250

Podatność CVE-2009-4250

Publikacja: 2009-12-09 Modyfikacja: 2012-02-13

Opis:

	Tytuł	Autor	Data
Med.	Cute News and UTF-8 Cute News - Multiple Security Issues	Andrew Horton	03.12.2009

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
4.3/10	2.9/10	8.6/10

Affected software
Korn19 -> Utf-8 cutenews
Cutephp -> Cutenews

http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt

http://www.securityfocus.com/archive/1/507782/100/0/threaded

http://www.securityfocus.com/bid/36971

https://exchange.xforce.ibmcloud.com/vulnerabilities/54221

https://exchange.xforce.ibmcloud.com/vulnerabilities/54222

https://exchange.xforce.ibmcloud.com/vulnerabilities/54223

https://exchange.xforce.ibmcloud.com/vulnerabilities/54224

https://exchange.xforce.ibmcloud.com/vulnerabilities/54237